by Andrew Plato | Sep 5, 2017 | Compliance, NIST
The National Institute of Standards and Technology (NIST) recently released the first public draft of NIST 800-53 revision 5, Security and Privacy Controls for Information Systems and Organizations. This is the first updated to this massive standard in over five...
by Andrew Plato | Aug 10, 2017 | Compliance, ISO 27001
In Parts 1 and 2 of this series, we presented the basics of building an ISO 27001 compliance program. In this final chapter, we will walk through the last stage in the compliance process: obtaining ISO 27001 certification. Now that you have implemented and optimized...
by Andrew Plato | Aug 9, 2017 | Compliance, ISO 27001
In Part 1 of this series, we discussed the fundamentals of ISO 27001 compliance – specifically, the growing demand among international companies to make their vendors ISO compliant to align with the European General Data Protection Regulation (GDPR). In this part, we...
by Andrew Plato | Aug 8, 2017 | Compliance
At Anitian, we regularly talk with leaders about the challenges of integrating compliance and security into a cohesive program. Lately, ISO 27001 compliance has attracted attention among many business leaders. This is partially the result of increasing uncertainty...
by Andrew Plato | Jun 12, 2017 | Compliance
The Service Organization Control (SOC) 2 certification is a must-have certification for software as a service (SaaS) companies. SOC2 allows a business to demonstrate that their internal controls meet security best practices. In the realm of SOC2, these best practices...
