Security & Compliance Blog

Stay informed on changing compliance regulations

Get A Fixed Fee Quote Today Request a Free Quote

SOC 1 SSAE 18 Readiness Assessment from NDB - Fixed Fees

Need to perform a SOC 1 SSAE 18 audit, but not sure where to begin? The very best – and first – place to start the audit process is with a SOC 1 SSAE 18 Scoping & Readiness Assessment. When performed correctly – by a competent CPA firm – the benefits are tremendous, indeed. NDB offers fixed-fee audits, and as part of the process, also includes an upfront SOC 1 SSAE 18 Scoping & Readiness Assessment as part of overall auditing lifecycle.

Benefits of a SOC 1 SSAE 18 Scoping & Readiness Assessment

Determine actual Scope of the Audit: The very first – and most important issue – to determine when embarking upon SOC 1 SSAE 18 compliance is determining the actual scope of the audit. Specifically, what’s the business process in scope? Remember, that it’s important to understand how your services impact financial reporting for clients, a concept known as ICFR.

After all, the core reason why a SOC 1 SSAE 18 audit is being performed - and not a SOC 2 audit – is because there’s a direct financial implication involved with your clients. Simply stated, how do you affect your client’s financial reporting. Bottom line – get to the heart of the issue regarding ICFR. A highly competent CPA firm, such as NDB – can help with this very important issue. To learn more, contact Christopher Nickel, CPA, at 1-800-277-5415, ext. 706, or email him directly at This email address is being protected from spambots. You need JavaScript enabled to view it. today. NDB offers a wide-range of regulatory compliance services and solutions for businesses all throughout North America and Europe.

  172 Hits
172 Hits

Q: How to be SOC 2 Compliant?

Q: How to be SOC 2 Compliant?

Answer: Need to be SOC 2 compliant? Here is what you need to know about the growing need for businesses all throughout North America seeking to become SOC 2 compliant, courtesy of NDB, one of the country’s leading providers of SOC 1 and SOC 2 audit & assessment reports.

6 Easy Steps in Becoming SOC 2 Compliant

1. Choose an Experienced CPA Firm. There are a number of well-qualified CPA firms all throughout the country that specialize in SOC 2 compliance, so you should not have any problem obtaining multiple proposals from experienced firms. Note: If your production environment is in the cloud with Amazon AWS, Microsoft Azure, or even Google GCP, then it’s important to choose a firm with cloud auditing expertise.

2. Understand the Basics of SOC 2 Compliance. So, what is SOC 2? Is it an audit? A certification? A process? There’s quite a bit of miscommunication regarding what SOC 2 is and what it isn’t. With that said, let’s clear the air and give you the basics of SOC 2. Here’s what you need to know: (1). SOC 2 is a control framework developed by the American Institute of Certified Public Accountants. (2). Achieving SOC 2 compliance does not result in a certificate being issue. (3). SOC 2 is generally an annual requirement.

  166 Hits
166 Hits

SOC 2 Trust Services Criteria – Introduction & Overview

SOC 2 Trust Services Criteria – Introduction & Overview

Let’s take a deep dive into the SOC 2 Trust Services Criteria and provide you with a clear and transparent understanding as you begin the process of becoming SOC 2 compliant. So, what exactly are the SOC 2 Trust Services Criteria? They are essentially criteria that form the very basis of a SOC 2 audit, relying heavily on information security and data privacy best practices. The following five (5) Trust Services Criteria that can be used when performing a SOC 2 audit.

  • Security
  • Availability
  • Confidentiality
  • Processing Integrity
  • Privacy

Simply stated, when you decide to embark on the road towards SOC 2 compliance, you and your SOC 2 auditor will ultimately determine which of the five (5) Trust Service Criteria will be included within the scope of the engagement. Let’s take a look at each of them:

Security: The SECURITY TSP is the most commonly assessed TSP, and for good reason; It essentially sets the basis for the entire audit. In fact, the vast majority of service organizations undertaking SOC 2 compliance opt for just the SECURITY TSP, and nothing else. This is generally the case as they begin to trek into the world of compliance. After a few years, it is common to find that additional TSP’s are added on as part of the overall audit scope. Ultimately, it depends on the needs of your customers and what they demand and expect in terms of compliance.

  129 Hits
129 Hits

How Often Do You Have to Do a SOC 2 Report?

Q: How Often Do You Have to Do a SOC 2 Report?

Answer: Generally speaking, (and while there is no hard and fast rule), SOC 2 reports are required annually from service organizations as validation that their controls are operating as designed. The once a year rule has been the consensus in that if you conduct your initial SOC 2 audit in year 1, then approximately twelve months later, a service organization should provide yet another report on the operating effectiveness of their controls. It’s a yearly process, and why? That’s because intended users of a SOC 2 report (i.e., clients, prospects, etc.) will want to gain assurances of a service organization’s control environment on a yearly basis – at a minimum.

6 Things to Know About SOC 2 Reports

(1). Start off with a Scoping & Readiness Assessment. It’s fundamentally important to perform an upfront scoping exercise for determining project scope, gaps that need to be corrected, third-parties that are going to be included in the audit, and much more.

(2). Remediation is Common, so don’t Be Alarmed. Very common, and it typically requires a thoughtful approach to remediating three (3) key areas. Remediating deficiencies in policies and procedures. Remediation deficiencies in terms of security tools and solutions. And remediating deficiencies in terms of operational issues. Together, these three areas can take time – no question about it – all the more reason for working with a proven, trusted firm with years of experience in helping service organizations all throughout the country, and that’s NDB.

(3). Documentation is Critically Important. Yes, it is. And when we speak about documentation, we’re talking about policies and procedures that need to be in place. Think access control, data backup, incident response, change management, and much more. Do you have policies and procedures in place for these areas – if not – you’ll need to start documenting them, and now. NDB offers a full-spectrum of policy templates – just another reason why service organizations turn to us time and time again.

Here's a short-list of information security policies and procedures you’ll need for becoming – and staying – SOC 2 compliant:

  • Access control policies and procedures
  • Data retention and disposal policies and procedures
  • Incident response policies and procedures
  • Change management policies and procedures
  • Contingency planning
  • Wireless Access
  • Usage policies

(4). Security Tools and Solutions will Need to be Acquired. The AICPA SOC framework is becoming more technical these days, meaning that a number of security tools and solutions are required for SOC 2 compliance. Think File Integrity Monitoring (FIM), Two-Factor Authentication (2FA), Vulnerability scanning, Data Loss Prevention (DLP) and more. This requires an investment in both time and money that many service organizations are unaware of until they begin the process.

  153 Hits
153 Hits

How to Become SOC 2 Compliant?

Q: How to Become SOC 2 Compliant?

Answer: The process begins with what’s known as a SOC 2 Scoping & Readiness assessment, then culminates with the issuance of a SOC 2 Service Auditor’s Report. The readiness is the first step, and the audit report is the last step, so let’s fill in the blank and talk about all the steps in between on how to become SOC 2 compliant, courtesy of NDB, North America’s leading providers of SOC 2 compliance reports for service organizations.
Step-by-Step Process on How to Become SOC 2 Compliant.

1. Begin with a SOC 2 Scoping & Readiness Assessment: One of the most fundamentally important steps a service organization can take in becoming SOC 2 compliant is to begin with a SOC 2 Scoping & Readiness assessment. It’s not an additional cost that you have to incur, rather, an extremely beneficial and proactive pre-assessment process that helps identify control gaps, audit, scope, personnel participation, and so much more. Trying to become SOC 2 compliant with little or no preparation in the front-end is an actual recipe for disaster.

When performed by competent auditors, a SOC 2 Scoping & Readiness Assessment will ultimately save your organization both time and money in the long-run with SOC 2 compliance. To learn more, contact Christopher Nickell, CPA, at 1-800-277-5415, ext. 706, or email him at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

2. Define the actual “Business Process”: As a service organization undergoing SOC 2 compliance, it’s important to identify what the actual business process is that’s going to be included in the scope of the SOC 2 audit. This is an important step because you’ll want to determine exactly what systems and related processes are going to be assessed and examined, thus mitigating any scope creep issues with the SOC 2 audit.

3. Choose the Relevant TSP’s: There are five (5) Trust Services Criteria to choose from – Security, Availability, Confidentiality, Processing Integrity, and Privacy. Each of them are unique, requiring a thoughtful analysis on which of the TSP’s you’ll want to include within the scope of your SOC 2 assessment. The vast majority of service organizations usually only choose the Security TSP, and that’s because it covers a large-range of critical I.T and operational issues and best practices.

  181 Hits
181 Hits

Q: How Often are SOC 2 Reports Required?

Q: How Often are SOC 2 Reports Required?

A: We’re often asked “how often are SOC 2 reports required” and the best way to answer this is by giving you a little background on SOC 2 reporting. Generally speaking, service organizations will undergo an annual SOC 2 audit report, usually beginning with a SOC 2 Type 1 in the initial year, then followed up by subsequent SOC 2 Type 2 reports thereafter. With that said, it’s fairly easy to assume that SOC 2 reports are required annually, which again, is the generally accepted practice.

Any SOC 2 report older than a year in terms of reporting is often known as a “stale” report, meaning the assessment of controls is historically dated, giving the report only marginal – if any – use and applicability by the intended user. Here’s an example of how this plays out in the world of SOC 2 reporting.

Here's an Example of How Often a SOC 2 Report is Required

Let’s say you are Software as a Service (SaaS) provider in need of a SOC 2 report for your growing client base. You then engage with an auditing firm to determine scope, pricing, and also the actual assessment period for the SOC 2 audit. If you’re new to the SOC 2 auditing process, you’ll probably start with a scoping & readiness assessment, followed by a SOC 2 Type 1 audit, then a SOC 2 Type 2 audit. Let’s assume the following dates: You completed your SOC 2 Type 1 on June 30, 2019, and you then moved forward with a SOC 2 Type 2 audit report for an assessment period that covered July 1, 2019 – December 31, 2019.

  400 Hits
400 Hits

Charles Denyer and Former Vice President Dick Cheney - Jackson Hole, Wyoming

From the final days of Watergate to the great financial crisis of 2008, Dick Cheney has been front-and-center in many of America’s most significant and consequential political events since the 1970's. Cheney’s political resume is nothing short of legendary – youngest Chief of Staff to ever serve a President of the United States, Wyoming’s lone Congressman for a decade, Secretary of Defense under the first President Bush, and the 46th Vice President of the United States under George W. Bush from 2001 to 2009.Dick Cheney Charles Denyer

  415 Hits
415 Hits

Denver SOC 2 Type 1 and Type 2 Audits – Denver, Colorado – Boulder, Fort Collins, Golden

NDB offers comprehensive SOC 2 compliance assessments for businesses all throughout Colorado and the Rockies, from Denver to Boulder, Fort Collins, Golden, Colorado Springs, and all other geographic regions in Wyoming and Montana. The regulatory compliance landscape has shifted dramatically in recent years, requiring many businesses in and around Colorado to become SOC 2 compliant on an annual basis.

As for high-quality auditing services, fixed-fee pricing, and a household name that’s truly second-to-none, look no further than the experts at NDB. We’ve been on the frontlines of regulatory compliance for years, issuing SOC 2 reports all throughout North America for companies of all sizes and industries. From startups to multi-national organizations, NDB has the bandwidth and expertise for helping Colorado businesses succeed in today’s demanding world of regulatory compliance.

We are the SOC 2 Experts for Colorado Businesses – Fixed-Fee Pricing

Many businesses throughout the Denver area will no doubt have to undertake annual SOC 2 compliance – an assessment process that’s often looked upon as expensive, time-consuming and demanding – but not with the auditing experts at NDB. The key to SOC 2 auditing success is understanding many of the critical facets that constitute a successful audit, so take note of the following essential elements for helping your business when it comes to SOC 2 compliance:

  370 Hits
370 Hits

SOC 1 SSAE 18 Type 2 Audits – Denver, Colorado, Boulder, Fort Collins

NDB offers SOC 1 SSAE 18 Type 2 reporting for service organizations all throughout the state of Colorado, including Denver, Boulder, Fort Collins, and other surrounding areas. As leaders in today’s complex compliance world we all live in, NDB provides competitively priced, fixed fee assessments for all services offered, which includes SOC 1 and SOC 2 reporting, and more. With technology companies littered throughout the state of Colorado, the high-tech boom is back – and here to stay – but with that also comes massive regulatory compliance mandates, such as SOC 1 SSAE 18, SOC 2, and more.

Important SOC 1 Considerations for Colorado Businesses

While most technology companies in the Denver areas “should” be opting for the more technically correct SOC 2 compliance, you’ll still find the likes of data centers and other tech-driven companies undergoing annual SOC 1 SSAE 18 assessments – which is still somewhat acceptable – though the shift to SOC 2 assessments is gaining tremendous momentum for technology businesses. With that said, here’s what Colorado services organizations need to know about SOC 1 SSAE 18 Type 2 compliance:

SOC 1 and SOC 2: As just briefly discussed, work with your auditor, communicate with your clients – and also have discussions internally as to what’s the best audit, then move forward accordingly. The more you discuss your needs with all relevant parties and stakeholders, the more clarity you’ll have as to which report – SOC 1 or SOC 2 – is the better fit.

Test Period: A SOC 1 SSAE 18 Type 2 assessment encompasses testing procedures over a defined test period – usually six (6) months – but there are circumstances where it can be a shorter test period, and even a longer one also. This ultimately depends on your reporting needs and client expectations.

  366 Hits
366 Hits

SOC 2 for Startups - What you Need to Know NOW for SOC 2 Type 1 and Type 2 Compliance

Here is what you need to know about SOC 2 for Startups, provided by NDNB. 

 SOC 2 For Start Ups 2019

When it comes to SOC 2 for startups, NDNB has helped hundreds of businesses throughout the last decade. We have a proven process that works, saving you both time and money in today’s growing world of regulatory compliance reporting. To learn more about SOC 2 for startups, contact Christopher Nickell, CPA at 1-800-277-5415, ext. 706, or email him at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

  400 Hits
400 Hits

SOC 1 vs. SOC 2 | AICPA | Understanding the Key Differences & Similarities and What You Need to Know

Thanks largely in part to the launch of the American Institute of Certified Public Accountants' (AICPA) SOC framework, the SOC 1 vs. SOC 2 discussion is well under way.

SOC stands for "System and Organization Controls", which allows qualified practitioners (i.e., licensed and registered Certified Public Accountants) to issue SOC 1, SOC 2, and/or SOC 3 reports.

After the SSAE 16 standard (which is used for issuing SOC 1 reports, and has been replaced with SSAE 18) effectively replaced the longstanding SAS 70 auditing standard for reporting periods ending on or after June 15, 2011, there has been much debate regarding SOC 1 vs. SOC 2 – specifically, when are they applicable, what is the respective scope for each, and what similarities or differences do they each share.

System and Organization Control (SOC 1) reports are to be conducted in accordance with Statement on Standards for Attestation Engagements No. 18 (SSAE 18). This AICPA attestation standard was intended not only to replace SAS 70 and SSAE 16, but also to reincorporate the auditing process with the concept of internal controls over financial reporting, or ICFR.

The SOC framework places elevated importance on the ICFR component for service organization reporting, thus advocating service organizations to opt for SOC 1 if the organization has a true nexus with ICFR, such as those in the financial services industry.

  395 Hits
395 Hits

SSAE 18 and Payroll and Check Processing Companies | Type 1 and Type 2 Reporting

SSAE 18 Type 1 and Type 2 reporting for payroll providers and check processing companies have a close relationship indeed. Many organizations outsource these material functions to service organizations that provide traditional payroll processing (including the entire lifecycle of the processing platform itself), printing and mailing of hard-copy checks, and multiple other critical services.

If you are a payroll and/or check processing company, or any other type of service organization providing critical services to the payroll industry as a whole, then SSAE 18 Type 1 and Type 2 reporting should be on your radar.

  363 Hits
363 Hits

The Importance of SOC 2 Compliance Audits in Today’s Digitally Driven Economy

Information technology has created tremendous efficiencies and cost-savings for businesses all throughout the globe, many of which were seemingly not even thought to be possible in the last decade. Organizations everywhere are now even more nimble & proactive in critical decision-making processes than ever before. But with such big rewards also come incredibly large challenges, many relating to the safety and security of highly sensitive client data.

Today’s business platforms rely heavily on cloud-based services and platforms, ranging from the well-known Software as a Service (SaaS) offerings to Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and many other hybrid cloud models. While different in terms of offerings and functionality, all cloud platforms rely on critical services and related policies, procedures, and processes for ensuring their confidentiality, integrity, and availability (CIA).

Currently, the most widely recognized security assessment performed on cloud based businesses is the American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC) 2 audit. What makes SOC 2 such a well-known and highly respected auditing platform, one that’s embraced by thousands of companies around the world?

  367 Hits
367 Hits

SOC 2 Audit Checklist for Amazon AWS Environments

Use our SOC 2 audit checklist if you’re using Amazon’s AWS cloud services and need to become SOC 2 compliant each year. With the migration to the cloud happening at record pace, tens of thousands of businesses are now being required to become SOC 2 compliant each year, and NDNB offers a proven process that’s efficient and comprehensive. Here’s what you need to know – and what you need to do – for ensuring your SOC 2 audit is a success.

1. Begin with a SOC 2 Scoping & Readiness Assessment:  Understanding scope and the what business processes are to be included within your SOC 2 audit is essential, and also for mitigating any type of scope creep issues. Because you’re hosting your services (i.e., your production environment) in AWS, it luckily means there are a number of benefits to be had with your SOC 2 audit. First, a large number of the physical security controls are covered by AWS themselves as their private data centers store your virtual server instances.

Second, AWS has a fair number of audit & compliance, and control tools & solutions that are easy to “spin up” in any environment, further helping alleviate compliance reporting requirements (more on this in point #3 below!)

2. Leverage AWS’ SOC Reports for Scope Reduction: For the CPA firm you hired to perform your SOC 2 audit, they’ll ask for you to obtain a copy of AWS’ most current SOC 2 report, and for a very obvious reason – scope reduction. A large number of the controls you’ll need for SOC 2 compliance are actually covered by AWS’ report. From physical and environmental controls – and more – leveraging AWS’ SOC 2 report is a must. Scope reduction = price reduction, something a well-versed SOC 2 auditor can explain to you. To learn more, contact CPA Christopher Nickell at 1-800-277-5415, ext. 706 today.

3. Identity and Utilize AWS’s Security and Compliance Tools: Familiar with CloudWatch and CloudTrail? CloudWatch logs reports on application logs, while CloudTrail Logs details on specific information on what occurred in your AWS account. These are just a few examples of the many tools that AWS has available for your growing security, governance, and regulatory compliance needs.

  527 Hits
527 Hits

SOC 2 Audit Assessments & Reporting – Texas (Dallas, Houston, Austin) - Fixed Fees

NDNB provides comprehensive SOC 2 audit and compliance assessment services & SOC reporting for businesses in Dallas, Houston, Austin, and other surrounding locations in Texas. With increased regulatory requirements being placed on businesses all throughout North America – and the globe – now’s the time to talk to the experts at NDNB. We offer fixed-fee pricing and high-quality audit services, so contact Chris Nickell at 1-800-277-5415, ext. 706 to learn more about NDNB’s SOC 2 assessments for Texas businesses, or email Chris directly at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

Comprehensive SOC 2 Services for Texas Businesses – Fixed Fees

Services offered by NDNB for businesses located in Dallas, Houston, Austin, and other surrounding locations in Texas include the following:

SOC 2 Scoping & Readiness Assessments: One of the most fundamentally important activities to be performed during the SOC 2 audit process is beginning with a scoping & readiness assessment; an invaluable function for helping service organizations adequately determine project scope, areas requiring remediation (i.e., policies and procedures, technical changes/modifications, etc.), assessing personnel needs, physical locations to visit, and more.

  389 Hits
389 Hits

SOC 2 HIPAA Compliance & SOC 2 Audits

NDB offers fixed-fee SOC 2 HIPAA audit reports & assessments consisting of SOC 2 Type 1 and SOC 2 Type 2 audits for organizations seeking compliance with the Health Insurance Portability and Accountability Act (HIPAA). Ensuring the safety and security of Protected Health Information (PHI), Personally Identifiable Information (PII), and other forms of highly confidential consumer/patient data is now more important than ever.

Additionally, many of today’s main healthcare exchanges and large insurance carriers are requesting SOC 2 HIPAA reports from their downstream providers, which consist of thousands of organizations offering various healthcare related services.

  512 Hits
512 Hits

SOC 2 Audit Process from A to Z for Compliance

Looking to learn about the SOC 2 audit process from beginning to end? A simple, yet comprehensive and easy-to-understand process on what it takes to become SOC 2 compliant for your organization? NDNB, one of North America’s leading providers of SOC 1 and SOC 2 audits offers the following A to Z explanation of the SOC 2 audit process.

Step 1: Understand Exactly what SOC 2 is.

Ask any number of professionals what SOC 2 is and you’ll probably get quite a few different answers. Some answers we hear are the following:

  • It’s an audit
  • It’s a certification
  • It’s a best practice for operations and information security
  • It’s a checklist that can be quickly completed

In simple terms – as simple as we can make it – System and Organization Controls (SOC) 2 is a comprehensive reporting framework put forth by the American Institute of Certified Public Accountants (AICPA) in which independent, third-party auditors (i.e., CPA’s) perform an assessment and subsequent testing of controls relating to the Trust Services Criteria of Security, Availability, Processing Integrity, Confidentiality and/or Privacy.

  449 Hits
449 Hits

SOC 2 for Startups – A Simple, Straightforward Approach to Compliance

SOC 2 for startups is an interesting topic as one would think that a small, relatively non-complex environment would be easy for obtaining SOC 2 (or even SSAE 18 SOC 1) compliance. Well, yes and no. Don’t you hate the political in the middle answer! Truth be told, the yes part of the answer is that working with a small group of professionals, generally located in one physical location, can make SOC 2 for startups easy going. The no part of the answer is that startups generally lack any type of real and meaningful policies, procedures, and processes. Change control processes? Probably not in place. Documented incident response procedures? Probably not well documented! Security awareness training? Hmm, nope, not being done! Get the picture. That’s the yes and no.

  1350 Hits
1350 Hits

SOC 2 Reports | Type 1 & Type 2 | Fixed Fees | Dallas, Houston, Austin, Texas

SOC 2 reports are in high demand today, especially when it comes to the ever-growing number of technology-oriented service organizations who are providing critical outsourcing services to other businesses. NDNB provides high-quality, competitively priced, fixed fee SOC 2 reports for both Type 1 and Type 2 reports for Dallas, Houston, and Austin, Texas businesses.

Take a page out of the NDNB playbook for Dallas, Houston, and Austin, Texas businesses, making note of the following best practices and other important criteria regarding SOC 2 reports:

SOC 1 vs. SOC 2

Make sure you that your business is performing the “correct” audit when it comes to SSAE 18 SOC 1 and SOC 2. SOC 1 assessments are for service organizations performing ICFR functions, while SOC 2 assessments are aimed at technology companies – data centers, SaaS, IaaS, PaaS, managed services, and others. There is a difference between SOC 1 and SOC 2, and deciding on which assessment generally begins with client requests and demands.

Pick the Correct Trust Services Principles

Simply known as the TSP’s, there are five (5) of them, which are the following: 1. Security. 2 Availability. 3. Processing Integrity. 4. Confidentiality. 5. Privacy. They are each unique in that they assess a specific area within a service organization’s control environment, ranging from processes and procedures to essential services and functions being performed by a company. As to which of the five (5) TSP’s to include in your SOC 2 audit – good question – and this really comes down to client needs and expectations, along with other variables, such as industry specific/market needs, etc.

  477 Hits
477 Hits

SOC 2 Audits vs PCI DSS Compliance – Introduction and Overview

SOC 2 vs PCI Compliance – Introduction and Overview

As auditors, we’re often asked to provide a comprehensive overview regarding SOC 2 vs PCI compliance. More specifically, businesses that have to undertake both SOC 2 audits and PCI DSS assessments on an annual basis want to learn more about the respective frameworks, what overlaps and mapping of controls exist, pricing, and much more. Well, let’s get started and take a deep dive into SOC 2 vs PCI compliance, compliments of NDNB, one of North America’s leading providers of high-quality, fixed-fee audit services from coast to coast.

An Introduction to SOC 2

System and Organization Controls (SOC) 2 is a comprehensive reporting framework put forth by the American Institute of Certified Public Accountants (AICPA) for which independent, third-party auditors, such as a CPA and/or CPA firm, perform an assessment and subsequent testing of controls relating to the Trust Services Criteria (TSP) of Security, Availability, Processing Integrity, Confidentiality and/or Privacy.

  2350 Hits
2350 Hits
Since 2006, NDNB has been setting the standard for security & compliance regulations