What is California Consumer Privacy Act (CCPA) Compliance?

Tailored MSP privacy audit services by Lazarus Alliance

In a previous article, we discussed GDPR compliance for businesses in the European Union. Simply put, GDPR changed the way that businesses can use consumer data for marketing and business purposes while giving more control to consumers in terms of how that data is stored, deleted or transmitted. 

While GDPR is not a standard in the United States (and in many ways, GDPR contradicts U.S. laws), several states have introduced their own, more rigorous compliance standards to protect consumers. One of these is the California Consumer Privacy Act, or CCPA. This law creates several standards that businesses must follow in the state of California to protect customer data.


What is the Risk Management Framework (RMF)?

Robust NIST 800-53 framework certification by Lazarus Alliance 

The Defense Industrial Base (DIB) supply chain is integral to the security and well-being of our country and includes everyone from government agencies to IT contractors providing software, applications and cloud services to those agencies. It seems obvious that the regulations pertaining to these companies and their products would be more stringent than others, and would include more than simple security measures. That’s where RMF plays a major role. 

In this article, we discuss RMF and how it breaks down into actionable steps. Furthermore, we will discuss the importance of risk management for DoD contractors and why you should work with experts in managing your own risk. 


Who Performs SOC 2 Audits? The Importance of Cybersecurity Expertise in Auditing


Service Organization Control (SOC) audits exist to demonstrate a business or other organization’s readiness in areas like cybersecurity, risk management and data management. These certifications, especially from SOC 2 audits, are highly sought-after because they show how dedicated your organization is to the safety and security of user data. These audits, conducted by certified SOC auditors, are intended to be a thorough and rigorous examination of your capabilities and how they promote guiding principles of security, privacy and confidentiality.

Because of the licensing and authorization structure of the SOC auditing ecosystem, however, it is sometimes difficult to understand the capabilities of an auditor. Even now, some firms advertise SOC 2 audits that take as little as 2-4 weeks! 

This article attempts to dispel the myth of a rapid SOC 2 audit and explains why working with trained and dedicated security firms supports better cybersecurity practices.
