Search Results

What’s New in NIST 800-53 R5

The National Institute of Standards and Technology (NIST) recently released the first public draft of NIST 800-53 revision 5, Security and Privacy Controls for Information Systems and Organizations. This is the first update to this massive standard in over five...

ISO 27001 – Part 3 – The Audit

In Parts 1 and 2 of this series, we presented the basics of building an ISO 27001 compliance program. In this final chapter, we will walk through the last stage in the compliance process: obtaining ISO 27001 certification. Now that you have implemented and optimized...

ISO 27001 – Part Two – Building an ISMS

In Part 1 of this series, we discussed the fundamentals of ISO 27001 compliance – specifically, the growing demand among international companies to make their vendors ISO compliant to align with the European General Data Protection Regulation (GDPR). In this part, we...

ISO 27001 Compliance – Part 1 – The Fundamentals

At Anitian, we regularly talk with leaders about the challenges of integrating compliance and security into a cohesive program. Lately, ISO 27001 compliance has attracted attention among many business leaders. This is partially the result of increasing uncertainty...

The Road to SOC2

The Service Organization Control (SOC) 2 certification is a must-have certification for software as a service (SaaS) companies. SOC2 allows a business to demonstrate that their internal controls meet security best practices. In the realm of SOC2, these best practices...