Phalanx

Risk3sixty to Disrupt the GRC Market with Free Version of Phalanx GRC

Risk3sixty is offering companies a free GRC solution that has been built by experts with decades of experience in the industry. ATLANTA — June 27, 2022 – Risk3sixty has helped organizations assess, build, manage, and certify their security programs against multiple compliance frameworks including SOC 2 and ISO 27001 since 2016. Today, risk3sixty is releasing…

PCI DSS Readiness Checklist

PCI DSS Readiness Assessment # Policy Questions Yes No Partially In-Place Flag for Discussion 1 We have up-to-date security policies and procedures that align to industry standard best practices. ☐ ☐ ☐ ☐ 2 We have up-to-date business continuity and disaster recovery plan. ☐ ☐ ☐ ☐ 3…

Using SOC 2 to Demonstrate HIPAA Compliance

One important source of confusion with most organizations looking to pursue HIPAA compliance, is that there is no such thing as a “HIPAA certification”. Health and Human Services (HHS) has never issued or recognized any formal mechanism to achieve such certification. Instead, what you want is a legally defensible approach to “demonstrate HIPAA compliance” to…

SOC 2 Readiness Checklist

SOC 2 Readiness Assessment # Policy Questions Yes No Partially In-Place Flag for Discussion 1 We have up-to-date security policies and procedures that align to industry standard best practices. ☐ ☐ ☐ ☐ 2 We have up-to-date business continuity and disaster recovery plan. ☐ ☐ ☐ ☐ 3 We have…

SOC 2 is meant to be customized

Many organizations pursuing a SOC 2 report for the first time get frustrated when trying to achieve compliance. The biggest frustration is the misconception that SOC 2 dictates a rigid set of control requirements and evidence to demonstrate compliance. If you are pursuing a SOC 2, you should know that you can customize your set…

How to use SOC 2 and ISO 27001 to build a Risk Management Program

Don’t treat a compliance initiative as a check-the-box activity. Instead, use it as an opportunity to get your leadership team on board with properly managing risks through the formalization of a risk management program. Compliance can mobilize your organization to start viewing risk management as an important business objective. 5 Ways to use compliance as…

1 2 3 Next »