Tugboat Logic’s explainer on access control for SOC 2 audits gives you three easy-to-remember pointers and considerations for every type of access that auditors look for during your SOC 2 exam.
The Top 3 Things That Will Delay Your SOC 2
These 3 things will delay your SOC 2: risk assessments, penetration tests, and internal security audits. Learn why you should take care of them in advance in order to maximize your chances of passing SOC 2.
How to Conduct Risk Assessments for SOC 2 and ISO 27001
Tugboat Logic’s explainer on risk assessments for SOC 2 and ISO 27001 teaches you how to conduct risk assessments in five steps and shows you the most common risks SaaS companies face.
The How Much Does SOC 2 Cost? Guide aka The Guide that Our Competitor Copied
For SOC 2, you can expect reputable vendors to typically charge $27K – $30K for both the SOC 2 readiness ($12K – $20K) and audit phases ($12K – $20K). For Type 1, you can expect to pay $27K, and for Type 2, you can expect to pay $30K.
Security Controls, Explained: Third-Party Risk Management for SOC 2 and ISO 27001
Tugboat Logic’s explainer on third-party risk management shows why the vendor management security control for SOC 2 and ISO 27001 is important, and teaches you how to implement it for both certs. You’ll learn how to conduct vendor risk assessments with the templates we use internally.
Newbies’ Guide to Compliance: Jaeger Time, Or an Intro to PCI DSS Compliance
At first glance, PCI DSS and Pacific Rim don’t have a lot in common. Why would giant robots and kaijus describe an otherwise straightforward compliance standard? Read on to learn how PCI DSS was created and how it works.
5 Ways to Level Up Security Awareness Training Without Breaking the Bank
Here are five ways to up-level your entire organization’s security awareness training without breaking the bank, and ensure that every employee is practicing InfoSec best practices in these increasingly uncertain times.
Navigate the Alphabet Soup of Security and Compliance Jargon with This Glossary
A useful collection of terms to help you navigate the security and compliance industry.
Do Security Awareness Training on a Budget
In this economic environment, InfoSec might be one of the last things on anyone's mind. However, security is critical now more than ever in the wake of numerous phishing and charity-related scams born out of the COVID-19 crisis. These five ways to improve security...
Memorize All SOC 2 Trust Services Criteria with this One Weird Trick
This SOC 2 mnemonic will help you quickly recall each of the Trust Services Criteria whenever you’re discussing their respective controls with your auditor or trying to flex at a dinner party.
Newbies’ Guide to Compliance: SOC 2 is a Unicorn
SOC 2 doesn’t need to be as mysterious as a unicorn. Time to gear up and seek it out!
Newbies’ Guide to Compliance: Unicorn Tactics
Welcome to a Newbies’ Guide to Compliance, the guide where nothing is made up and I try to wrap my head around the things that matter.