Skip to content
Design Compliance and Security, LLC
  • Home
  • Services
    • Compliance Program Management
    • SSAE 18 / SOC 1 Audits
    • SOC 2 Audits
    • SOC 3 Audits
    • Security Awareness Training
    • eramba
    • Penetration Testing
  • Blog
  • About Us
  • Community
    • Community Slack Channel
  • Contact Us
  • Portal
  • 1-888-959-6934
Risk Mitigation

SOC 2 CC9: Common Criteria related to Risk Mitigation

by David Schroth
Change Management

SOC 2 CC8: Common Criteria related to Change Management

by David Schroth
SysOps

SOC 2 CC7: Common Criteria related to System Operations

by David Schroth
Logical and Physical Access

SOC 2 CC6: Common Criteria related to Logical and Physical Access

by David Schroth

SOC 2 CC5: Common Criteria related to Control Activities

by Adam Fowler
Monitoring

SOC 2 CC4: Common Criteria related to Monitoring Activities

by Adam Fowler
Risk Assessment

SOC 2 CC3: Common Criteria related to Risk Assessment

by Adam Fowler
communication

SOC 2 CC2: Common Criteria related to Communication and Information

by Adam Fowler

SOC 2 CC1: Common Criteria related to the Control Environment

by David Schroth

Third Party Vendor Management: What You Need to Know

by Adam Fowler

SOC 1 vs. SOC 2: What is the Difference?

by Adam Fowler

Explained: Security Incident Response Plan

by Adam Fowler
Bridge Letter

Bridge Letter: Things You Should Know

by David Schroth

Explained: Microsoft’s SSPA Program

by Gary Gaboury
SecurityAwarenessTraining

Does My Company Need Security Awareness Training?

by Adam Fowler
DoI

Do I Really Need a SOC 1 or 2 Report?

by David Schroth
OneOrTwo

How to select a Type 1 or Type 2 SOC Report

by David Schroth

Join our community Slack Channel where we discuss all things Audit, Security, GRC by clicking here.

Copyright © 2023 Design Compliance and Security, LLC