Tugboat Logic’s explainer on access control for SOC 2 audits gives you three easy-to-remember pointers and considerations for every type of access that auditors look for during your SOC 2 exam.
These 3 things will delay your SOC 2: risk assessments, penetration tests, and internal security audits. Learn why you should take care of them in advance in order to maximize your chances of passing SOC 2.
Tugboat Logic’s explainer on risk assessments for SOC 2 and ISO 27001 teaches you how to conduct risk assessments in five steps and shows you the most common risks SaaS companies face.
For SOC 2, you can expect reputable vendors to typically charge $27K – $30K for both the SOC 2 readiness ($12K – $20K) and audit phases ($12K – $20K). For Type 1, you can expect to pay $27K, and for Type 2, you can expect to pay $30K.
Tugboat Logic’s explainer on third-party risk management shows why the vendor management security control for SOC 2 and ISO 27001 is important, and teaches you how to implement it for both certs. You’ll learn how to conduct vendor risk assessments with the templates we use internally.
At first glance, PCI DSS and Pacific Rim don’t have a lot in common. Why would giant robots and kaijus describe an otherwise straightforward compliance standard? Read on to learn how PCI DSS was created and how it works.
Here are five ways to up-level your entire organization’s security awareness training without breaking the bank, and ensure that every employee is practicing InfoSec best practices in these increasingly uncertain times.
A useful collection of terms to help you navigate the security and compliance industry.
In this economic environment, InfoSec might be one of the last things on anyone's mind. However, security is critical now more than ever in the wake of numerous phishing and charity-related scams born out of the COVID-19 crisis. These five ways to improve security...
This SOC 2 mnemonic will help you quickly recall each of the Trust Services Criteria whenever you’re discussing their respective controls with your auditor or trying to flex at a dinner party.
SOC 2 doesn’t need to be as mysterious as a unicorn. Time to gear up and seek it out!
Welcome to a Newbies’ Guide to Compliance, the guide where nothing is made up and I try to wrap my head around the things that matter.