Audit, Evaluation and Security - Continuity Professionals Pulse

The chief information security officer (CISO) role explained

BMC

NOVEMBER 18, 2024

Information security is a top concern for business organizations, as research finds that cyber-attacks are launched 2,244 times a day—that’s every 39 seconds. The role of Chief Information Security Officer (CISO) is gaining popularity to protect against information security risks. The average cost of a data breach is $3.9

Security

Security Disaster Recovery Evaluation Cybersecurity

A Guide to Completing an Internal Audit for Compliance Management

Reciprocity

DECEMBER 20, 2022

Learn the best way to complete an internal audit for your compliance management program. The Basics of Internal Audits. Internal audits assess a company’s internal controls, including its governance, compliance, security, and accounting processes. What Is the Purpose of an Internal Audit?

Audit

Audit Management Evaluation Activation

Governance 101: Why Separation of Duties is Non-Negotiable

LogisManager

MARCH 14, 2025

By enforcing SoD, organizations bridge silos between departments, ensuring that risk, compliance, audit, and operational teams work together while still maintaining proper oversight. Risk Assessment: Those evaluating risks shouldnt be responsible for mitigating them. Risk Assessor Evaluates risk severity and impact.

Government

Government Audit Mitigation Evaluation

Webinars

Are Robots Replacing You? Keeping Humans in the Loop in Automated Environments

MORE WEBINARS

Assessing Ransomware Risk with the Pure Storage Security Assessment

Pure Storage

DECEMBER 20, 2024

Assessing Ransomware Risk with the Pure Storage Security Assessment by Pure Storage Blog Summary The Pure Storage Security Assessment is a comprehensive evaluation tool that helps organizations identify and address vulnerabilities in their storage environment and offers actionable steps to help them reduce exposure to threats.

Security

Security Vulnerability Backup Evaluation

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team

Pure Storage

OCTOBER 14, 2024

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team by Pure Storage Blog Summary Strong leadership in cybersecurity has never been more critical. With a solid team and a culture of security, leaders can reduce risk and protect their organizations from cyber threats.

Cybersecurity

Cybersecurity Security Evaluation Vulnerability

The Role of GRC Software in FedRAMP Compliance: Essential Features and Benefits

Reciprocity

DECEMBER 20, 2024

Achieving and maintaining FedRAMP compliance involves managing hundreds of security controls, extensive documentation, and continuous monitoring requirements. Governance, Risk, and Compliance (GRC) software has become an essential tool for organizations navigating this complex landscape.

Audit

Audit Risk Reduction Authorization Alert

4 Keys to Consider When Evaluating Cloud Data Protection Tools

Solutions Review

DECEMBER 20, 2022

In this submission, Keepit Chief Customer Officer Niels van Ingen offers four essential keys to consider when evaluating cloud data protection tools. Generally speaking, however, business continuity, as it relates to cybersecurity, includes evaluating all the threats that could potentially disrupt business operations during a crisis.

Evaluation

Evaluation Backup Disaster Recovery Malware

What Is Cyber Extortion? Tips for Securing Your Data

Pure Storage

DECEMBER 17, 2024

Tips for Securing Your Data by Pure Storage Blog Summary Cyber extortion is a type of cybercrime thats surging. Publicized breaches erode confidence, particularly in industries like finance and healthcare, where data security is paramount. These tools check for known vulnerabilities and compliance with security standards.

Security

Security Vulnerability Cybersecurity Cyber Resilience

Cybersecurity Audit Checklist

Reciprocity

SEPTEMBER 11, 2024

The security system to protect those environments can easily have hundreds of individual parts, and all of those parts need to be looked at individually and as a whole. To assure that all those parts are working as intended, you should perform a cybersecurity audit. That said, the steps for a cybersecurity audit can be long.

Audit

Audit Cybersecurity Vulnerability Outsourcing

Managing Third-Party Risk in Healthcare Supply Chains

Reciprocity

MARCH 3, 2025

In healthcare, third-party risk extends beyond operational concernsit’s a matter of patient trust and data security. Manual vendor management creates critical vulnerabilities through fragmented documentation and inconsistent security assessments. For GRC professionals in healthcare, the stakes have never been higher.

Healthcare

Healthcare Management Risk Management Audit

Strengthening security resilience: A proactive approach to evolving threats

everbridge

MARCH 7, 2025

Security threats are shifting faster than ever. Security threats are evolving rapidly, shaped by a combination of cyber vulnerabilities, supply chain risks, geopolitical instability, and natural disasters. This blog explores key security challenges and provides actionable strategies for organizations looking to build true resilience.

Resilience

Resilience Security Emergency Response Emergency Response

What is COBIT? COBIT Explained

BMC

DECEMBER 5, 2024

COBIT is one such best practice framework, but its scope is unique from most frameworks in that it focuses narrowly on security, risk management, and governance. It was first introduced by the Information Systems Audit and Control Association (ISACA) in 1996, and has gone through many rounds of development since. What is ISACA?

Audit

Audit Government Technology Security

Vendor Onboarding Best Practices: Reducing Risk from Day One

Reciprocity

FEBRUARY 12, 2025

Manual processes create security gaps through scattered documentation and missed compliance checks. ZenGRC transforms this process with automated workflows and centralized risk assessment, enabling secure vendor relationships from day one. Your organization’s security is only as strong as its weakest vendor.

Evaluation

Evaluation Vulnerability Audit Risk Management

IT Audit Checklist for Your IT Department

Reciprocity

SEPTEMBER 5, 2024

An audit of your IT systems can identify and fix those potential disruptions before they happen – and an IT audit checklist can ensure that your IT department has the necessary resources in place to keep your systems safe. What Is the Main Goal of an IT Audit Checklist? Review critical network security practices, too.

Audit

Audit Backup Healthcare Asset Management

Maximizing Workplace Productivity With A Year-End Tech Refresh

LAN Infotech

NOVEMBER 21, 2024

Security Note: Automating processes often requires access to sensitive data. Ensure that any automation tools you choose follow strict security protocols, especially around data storage and access. Security Note: Collaboration tools can be a target for cyberthreats, especially when teams share sensitive information.

Cybersecurity

Cybersecurity Audit Evaluation Communications

What Is an Audit of Internal Control Over Financial Reporting?

Reciprocity

SEPTEMBER 5, 2024

One essential tool that bolsters this trust is an audit of internal control over financial reporting (ICFR). At its core, an ICFR audit evaluates the operating effectiveness of a company’s internal processes and controls that safeguard its financial statements from misrepresentation, either accidental or intentional.

Audit

Audit Evaluation Activation Communications

The Relationship Between Internal Controls and Internal Audits

Reciprocity

OCTOBER 7, 2024

Any modern organization looking to navigate today’s risk environment successfully needs both strong internal controls and ongoing internal audits. This guide aims to eliminate that confusion by explaining the meaning and importance of internal controls and internal audits. What Are Internal Audits?

Audit

Audit Corporate Governance Evaluation Activation

The Relationship Between Internal Controls and Internal Audits

Reciprocity

OCTOBER 7, 2024

Any modern organization looking to navigate today’s risk environment successfully needs both strong internal controls and ongoing internal audits. This guide aims to eliminate that confusion by explaining the meaning and importance of internal controls and internal audits. What Are Internal Audits?

Audit

Audit Corporate Governance Evaluation Activation

Crisis Management Explained: A Comprehensive Guide

Bernstein Crisis Management

MAY 19, 2023

Key activities in this stage include: Debriefing and evaluation: Reviewing the organization’s response to the crisis, identifying lessons learned, and evaluating the effectiveness of the crisis management plan. Externally Caused Crises These crises are triggered by external forces beyond the organization’s control.

Crisis Management

Crisis Management Management Evaluation Authorization

Audit Checklist for SOC 2

Reciprocity

DECEMBER 21, 2022

If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certification are the goals of a SOC 2 audit. The SOC 2 compliance audit gives them that assurance. Develop a SOC 2 Audit Framework. What is SOC 2?

Audit

Audit Gap Analysis Security Cybersecurity

How to Comply with FedRAMP: A Practical Guide to Authorization

Reciprocity

DECEMBER 17, 2024

Achieving FedRAMP authorization requires careful planning, comprehensive security implementation, and ongoing commitment to compliance. These tools can help centralize policy management and streamline documentation. This can significantly reduce the time and effort needed during the assessment phase.

Authorization

Authorization Gap Analysis Audit Vulnerability

4 Questions IT Managers Can Ask to Strengthen Data Backup and Resiliency

Solutions Review

OCTOBER 20, 2023

Additionally, it’s all too common for IT leaders to lose sight of the big picture while heads down at work, which increases the risk of being slow to respond and unprepared to get back up and running in the event of a security crisis. Opt for secure storage of local backups on portable hardware-encrypted external devices.

Backup

Backup Resilience Audit Management

Cyber Insurance For Small Business: Why You Need It And How to Get Covered In 2025

LAN Infotech

NOVEMBER 20, 2024

Regulatory Fines: If you handle customer data and don’t secure it properly, you could face fines or legal actions from regulators, especially in sectors like health care and finance. Routine Security Audits Regularly auditing your cybersecurity defenses and conducting vulnerability assessments help ensure your systems stay secure.

Insurance

Insurance Insurance Cybersecurity Audit

4 Questions IT Managers Can Ask to Strengthen Data Backup and Resiliency

Solutions Review

OCTOBER 20, 2023

Additionally, it’s all too common for IT leaders to lose sight of the big picture while heads down at work, which increases the risk of being slow to respond and unprepared to get back up and running in the event of a security crisis. Opt for secure storage of local backups on portable hardware-encrypted external devices.

Backup

Backup Resilience Audit Management

School Security & Active Shooter Interdiction: A Q&A With Vince Riden

Security Industry Association

AUGUST 4, 2022

One of SIA’s top advocacy priorities and an issue area that impacts nearly all of us to some degree is that of school safety and security. What is your background in the security industry, and how did you come to be involved in school security specifically?

Activation

Activation Security Architecture Mitigation

Efficient Compliance: Harmonizing Multiple Regulatory Frameworks

Reciprocity

MARCH 15, 2025

Compliance teams routinely struggle with overwhelming challenges: overlapping requirements, duplicative evidence collection, constant audit fatigue, and stretched resources. But what if you could leverage work you’ve already done to satisfy multiple requirements simultaneously? The result?

Audit

Audit Strategic Technology Healthcare

Ransomware Detection Part 2: How Data Protection Drives Resilience

Zerto

JULY 6, 2023

Traditional security measures are no longer sufficient, since cybercriminals constantly evolve their tactics to bypass defences. By evaluating the code’s characteristics, such as its encryption algorithms, heuristic analysis can detect ransomware strains that do not match known signatures.

Resilience

Resilience Audit Cyber Resilience Malware

Product’s Perspective: True Risk: Why External Vendor Ratings are Only Half the Picture

LogisManager

SEPTEMBER 24, 2021

Services are available to collect and review key vendor documents like contracts and SOC 2s, and they can even evaluate a vendor’s financial statements against its industry peers. How often has your organization negotiated the right to audit these vendors, only to let your audit rights go unexercised because of competing priorities?

Risk Management

Risk Management Audit Evaluation Healthcare

The Best Risk Management Software to Consider for 2021 and Beyond

Solutions Review

SEPTEMBER 9, 2021

Platform: Archer IT & Security Risk Management. Description: Archer IT & Security Risk Management enables users to document and report on IT risks and controls, security vulnerabilities, audit findings, regulatory obligations, and issues across their technology infrastructure. Fusion Risk Management.

Risk Management

Risk Management Management Audit Hospitality

The 7 Best Data Protection Officer Certifications Online for 2023

Solutions Review

APRIL 19, 2023

Platform: Coursera Description: A growing number of exciting, well-paying jobs in today’s security industry do not require a college degree. Instructional content and labs will introduce you to concepts including network security, endpoint protection, incident response, threat intelligence, penetration testing, and vulnerability assessment.

Cybersecurity

Cybersecurity Accreditation Disaster Recovery Evaluation

6 Ways Big Data Analytics Can Drive Down Costs

Pure Storage

JANUARY 20, 2022

By evaluating customer behavior, companies can create strategic marketing plans that target a particular customer cohort—for example, by offering personalized recommendations based on previous purchases or social media activity. Enhance Log Analysis to Understand Resource Needs.

Advertising

Advertising Retail Marketing Audit

SIA New Member Profile: Calibre Engineering

Security Industry Association

JANUARY 24, 2022

New Security Industry Association (SIA) member Calibre Engineering is a service-disabled veteran-owned small business that provides physical security foundational framework services. Stephan Masson, vice president of security services at Calibre. Army and his time as a security project director in the private sector.

Vulnerability

Vulnerability Audit Security Evaluation

Choosing the Right IT Infrastructure: Cloud, On-Premises, or Hybrid?

NexusTek

MAY 29, 2024

The choice between cloud, on-premises, and hybrid solutions is not merely a technical decision but a strategic one that impacts operational efficiency, cost management, security, and scalability. Challenges: Data Security and Compliance Cloud solutions allow businesses to easily scale resources up or down based on demand.

Internet

Internet Application Strategic Audit

Risk Assessment vs Risk Analysis

Reciprocity

APRIL 4, 2022

A risk assessment evaluates all the potential risks to your organization’s ability to do business. In security, risk assessments identify and analyze external and internal threats to enterprise data integrity, confidentiality, and availability. Security risks aren’t the only type of risk that organizations face.

All-Hazards

All-Hazards Mitigation Risk Management Hazard

CISA certification guide: Certified Information Systems Auditor explained

CIO Governance

JUNE 21, 2021

The Certified Information Systems Auditor (CISA) certification validates your knowledge for information systems auditing, assurance, control, security, cybersecurity, and governance. This globally recognized certification is one of the few certifications specifically designed for IT auditors.

Audit

Audit Evaluation Cybersecurity Consulting

What is Zero Trust Architecture?

Pure Storage

MAY 2, 2024

Zero trust is not a product, service, or technology; rather it’s a strategy and standard, and one that more enterprises are adopting in place of outdated security approaches. In this article, we’ll discuss what ZTA is, why it’s augmenting traditional perimeter network security, and how to implement it.

Architecture

Architecture Authentication Audit Activation

Mastering Effective Cybersecurity Research: Going From Data to Actionable Insights

FS-ISAC

SEPTEMBER 15, 2023

Analysis is the process of evaluating and interpreting data and turning it into actionable information. If we want to know if our network is compromised or has security gaps that could be more discovery. This approach allows me to evaluate the ROI. Both play a vital role as part of your security program.

Cybersecurity

Cybersecurity Internet Strategic Evaluation

How to Implement Threat Modeling in Your DevSecOps Process

Pure Storage

AUGUST 3, 2023

How to Implement Threat Modeling in Your DevSecOps Process by Pure Storage Blog This blog on threat modeling was co-authored by Dr. Ratinder Paul Singh Ahuja, CTO for Security and Networking, and Rajan Yadav , Director of Engineering, CNBU (Portworx), Pure Storage. Dr. Ahuja is a renowned name in the field of security and networking.

Authentication

Authentication Vulnerability Authorization Audit

NIST CSF 2.0: What It Is, Why It Matters, and What It Means for Your Data

Pure Storage

AUGUST 12, 2024

for your data storage are real: If you’re not using only the most flexible, secure, and affordable data storage, you’ll likely be out of compliance. Specific guidelines for securing IoT devices, which are often less protected yet highly interconnected. Overall Security Posture NIST 2.0 The implications of NIST 2.0 Why NIST 2.0

Cybersecurity

Cybersecurity Audit Evaluation Authentication

Managing Third-Party Risk in Healthcare Supply Chains

Reciprocity

MARCH 3, 2025

In healthcare, third-party risk extends beyond operational concernsit’s a matter of patient trust and data security. Manual vendor management creates critical vulnerabilities through fragmented documentation and inconsistent security assessments. For GRC professionals in healthcare, the stakes have never been higher.

Healthcare

Healthcare Management Risk Management Audit

ISO 27001 Certification Requirements & Standards

Reciprocity

DECEMBER 21, 2022

If using an ISO audit software tool to achieve ISO certification is on your compliance roadmap, here’s a quick primer to get you up to speed and jumpstart your ISO compliance efforts. The ISO 27001 family, published by the International Organization for Standardization, includes a set of standards for information security.

Audit

Audit Accreditation Gap Analysis All-Hazards

6 Reasons Why You Need SOC 2 Compliance

Reciprocity

OCTOBER 8, 2024

That said, if your business is a service provider, you should consider investing in the technical audit required for a SOC 2 report anyway. SOC 2 audits were developed by the American Institute of Certified Public Accountants (AICPA) to provide assurance over a service provider’s cybersecurity controls. What Is SOC 2?

Audit

Audit B2B Capacity Cybersecurity

6 Reasons Why You Need SOC 2 Compliance

Reciprocity

OCTOBER 8, 2024

That said, if your business is a service provider, you should consider investing in the technical audit required for a SOC 2 report anyway. SOC 2 audits were developed by the American Institute of Certified Public Accountants (AICPA) to provide assurance over a service provider’s cybersecurity controls. What Is SOC 2?

Audit

Audit B2B Capacity Cybersecurity

Cybersecurity Awareness Month: The Perfect Time to Implement and Mature Your Cyber Response Strategy

Castellan

OCTOBER 8, 2021

Cybersecurity Awareness Month, sponsored by the Cybersecurity & Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), takes place each October in the United States. It’s a collaboration between government and industry with a goal of providing resources to help Americans stay cyber safe and secure.

Cybersecurity

Cybersecurity Cyber Resilience Resilience Business Continuity

The chief information security officer (CISO) role explained

A Guide to Completing an Internal Audit for Compliance Management

Webinars

Trending Sources

Governance 101: Why Separation of Duties is Non-Negotiable

Webinars

Assessing Ransomware Risk with the Pure Storage Security Assessment

Cybersecurity Leadership: The Complete Guide to Building and Leading an Effective Security Team

The Role of GRC Software in FedRAMP Compliance: Essential Features and Benefits

4 Keys to Consider When Evaluating Cloud Data Protection Tools

What Is Cyber Extortion? Tips for Securing Your Data

Cybersecurity Audit Checklist

Managing Third-Party Risk in Healthcare Supply Chains

Strengthening security resilience: A proactive approach to evolving threats

What is COBIT? COBIT Explained

Vendor Onboarding Best Practices: Reducing Risk from Day One

IT Audit Checklist for Your IT Department

Maximizing Workplace Productivity With A Year-End Tech Refresh

What Is an Audit of Internal Control Over Financial Reporting?

The Relationship Between Internal Controls and Internal Audits

The Relationship Between Internal Controls and Internal Audits

Crisis Management Explained: A Comprehensive Guide

Audit Checklist for SOC 2

How to Comply with FedRAMP: A Practical Guide to Authorization

4 Questions IT Managers Can Ask to Strengthen Data Backup and Resiliency

Cyber Insurance For Small Business: Why You Need It And How to Get Covered In 2025

4 Questions IT Managers Can Ask to Strengthen Data Backup and Resiliency

School Security & Active Shooter Interdiction: A Q&A With Vince Riden

Efficient Compliance: Harmonizing Multiple Regulatory Frameworks

Ransomware Detection Part 2: How Data Protection Drives Resilience

Product’s Perspective: True Risk: Why External Vendor Ratings are Only Half the Picture

The Best Risk Management Software to Consider for 2021 and Beyond

The 7 Best Data Protection Officer Certifications Online for 2023

6 Ways Big Data Analytics Can Drive Down Costs

SIA New Member Profile: Calibre Engineering

Choosing the Right IT Infrastructure: Cloud, On-Premises, or Hybrid?

Risk Assessment vs Risk Analysis

CISA certification guide: Certified Information Systems Auditor explained

What is Zero Trust Architecture?

Mastering Effective Cybersecurity Research: Going From Data to Actionable Insights

How to Implement Threat Modeling in Your DevSecOps Process

NIST CSF 2.0: What It Is, Why It Matters, and What It Means for Your Data

Managing Third-Party Risk in Healthcare Supply Chains

ISO 27001 Certification Requirements & Standards

6 Reasons Why You Need SOC 2 Compliance

6 Reasons Why You Need SOC 2 Compliance

Cybersecurity Awareness Month: The Perfect Time to Implement and Mature Your Cyber Response Strategy

Stay Connected