Resources Archive

SOC 2 Compliance: 4 Ways to Prevent Personnel Problems

The global coronavirus pandemic, the Great Recession, and the Great Resignation have significantly disrupted staffing at all levels at many organizations. These issues could also derail or halt your SOC 2 compliance journey. Here are 4 steps to preparing and mitigating personnel problems:
1) Capture relevant institutional knowledge before it leaves
2) Get your policies together
3) Keep all documentation current
4) Get compliance automation software

Blog

SOC 2 Compliance: Questions and Answers with Compliance Expert Bert Friedman

This Q&A session was pulled from a recent episode of Everything Compliance featuring Bert Friedman. Bert Friedman is Head of Compliance at business banking startup Nearside and former Vice President of Compliance for the Financial Intelligence Unit of Chicago’s Community Choice Financial, Inc. Learn what Bert has to say about dealing with auditors and common SOC 2 compliance misconceptions.

Blog

SOC 2 Controls: Access Removal for Terminated or Transferred Users

This SOC 2 control focuses on ensuring the timely removal of access rights from users who have been terminated and those who have been transferred to new roles. The control also stipulates that removal or revision of access rights takes place in a timely fashion, typically within one business day, and is both verified and documented.

Blog

SOC 2 Compliance: 6 Steps to a Perfect Audit with Trustero

A SOC 2 audit can take months and cost tens of thousands of dollars. Here are six steps you can take to maximize the likelihood of passing that audit successfully and begin moving toward the multiple business benefits of continuous compliance with Trustero.
1) Establish Scope
2) Develop and Capture Policies
3) Align Policies
4) Identify and Capture Evidence
5) Test Your Evidence
6) Document and Track Progress

Blog

SOC 2 Compliance: Experts Refute 5 Common Misperceptions

There are multiple misperceptions about SOC 2 compliance that can delay or even derail your compliance journey. Learn how to avoid these misperceptions from the following auditing, compliance, and cybersecurity experts:
– Liam Collins, Armanino
– Richard Stiennon, IT-Harvest
– Bert Friedman, Nearside
– David Carter, Delta Dental

Blog, Videos

Trustero Video: Everything Compliance with David Carter of Delta Dental

This episode of “Everything Compliance” features David Carter, Senior Manager of Cyber Risk Assurance at Delta Dental. The Delta Dental Plans Association includes 39 independent Delta Dental member companies that provide coverage to some 68 million people. David has more than 16 years’ experience in compliance and information security.

Blog

SOC 2 Compliance: Culture, Not Checkboxes

Too many business decision-makers view SOC 2 incorrectly, increasing risk and limiting the multiple benefits it can bring to their companies. With the ever-growing importance of SOC 2, it is vital that you ensure your company builds a culture of compliance instead of focusing on checking the boxes. Read on to learn about some of those benefits and how to avoid missing out on them.

Blog

Everything Compliance: More Qs and As with Cybersecurity Expert Richard Stiennon

In a previous post based on his “Everything Compliance” conversation with Trustero Vice President of Marketing and Business Development Kimberly Rose, Richard described how the pursuit of SOC 2 compliance can improve cybersecurity for SMBs. This post features his thoughts on some common cybersecurity mistakes SMB decision-makers make and how best to avoid them.

Blog

SOC 2 Controls: Encryption of Data at Rest

Understanding controls is integral to the completion and success of your SOC 2 audit. This first entry into a series of control blogs dives deep into the Encryption of Data at Rest control, which is pivotal for protecting stored data within companies. Learn why this control matters, who it affects and more.

Blog

Everything Compliance: Questions and Answers with Cybersecurity Expert Richard Stiennon

In a wide-ranging and informative conversation with Trustero Vice President of Marketing and Business Development Kimberly Rose, Richard describes how the pursuit of SOC 2 compliance can improve cybersecurity. He also offers views on some of the cybersecurity challenges facing SMBs. Below is an edited summary of highlights from that conversation.

Blog, Videos

Trustero Video: Everything Compliance with Bert Friedman of Nearside

This episode of Trustero’s Everything Compliance podcast features Bert Friedman, Head of Compliance at business banking startup Nearside (formerly known as Hatch). Bert has also served as Chief Compliance Officer for financial technology (FinTech) company Deserve, and Vice President of Compliance for the Financial Intelligence Unit of Chicago’s Community Choice Financial, Inc.

Blog

SOC 2 Compliance: Your Key Stakeholders

Your pursuit of SOC 2 compliance is intended to deliver multiple benefits to your business and its operations. Your compliance efforts must include representation of and participation by the teams and roles most critical to your business. Based on guidance from auditors and experienced compliance managers, here are seven sets of stakeholders you must make sure to include.