How Secure is your Remote Work Environment

Faced with a pandemic, millions of people all over the world were suddenly forced to work from home. While people adapt to unique circumstances, there are significant technological hurdles for businesses, with entire teams transitioning to remote work. Mitigating risks and complying with security controls is challenging for any business but particularly for those teams Read more…

Risk Based Security Assessments

Today, business faces multiple forms of risk from a wide range of sources. Some risks are individual and industry specific, while others are unpredictable and shared across the business landscape. Potential threats to a business could include: information security breaches, legal disputes, operational failures and disasters. Regardless of their cause, unaccounted risks or inadequate planning and controls can be very damaging. In this article we are going to look at information technology focused risk assessments and how to perform them. What Read more…

Product Update | May 2020

We are excited to announce StandardFusion 2.20! This update features an overhaul of collaborators and tasks, improved reporting features, and a rework of dashboards.  Collaborators Direct Login Collaborators can now securely log into StandardFusion, streamlining their participation in the compliance management workflow, and making it easier for managers to manage and delegate tasks.  Collaborator View Collaborator view provides users with what they need to complete the task they were assigned including: Read more…

Difference between FISMA vs FedRAMP Compliance

For Cloud Service Providers (CSPs) and organizations intending to work with United States Federal Government agencies that process and store government data, obtaining proper certification is essential. The two most important certifications are the Federal Risk and Authorization Management Plan (FedRAMP) and the Federal Information Security Management Act (FISMA). FedRAMP is a security certification for Read more…

How Control Maturity Impacts Your Information Security Compliance

Control maturity has always been key to proactive risk management; it’s the difference between identifying a risk before it happens vs. handling the fallout. Organizations that have effective controls are still finding it difficult to identify problems before they occur, often relying on reactive processes and dealing with challenges as they emerge. In contrast, organizations that have implemented a control maturity program are more proactive at mitigating risk Read more…

SharePoint For Compliance Management

SharePoint is a Microsoft-owned, cloud-based document management and sharing platform widely used in the business community – in fact, Microsoft claims that it’s used by more than 75% of Fortune 500 companies. Along with its document storage and sharing capabilities, SharePoint has a number of features for managing the security and compliance of documents Read more…

ISO 27018: 2019 Revision

As progressive organizations become more reliant on cloud-based technology and implement data-based solutions, information security management is becoming more and more important. The ISO 27000 series is a family of standards that provide best practice guidelines for information security management. The standards are published jointly by the International Organization for Standardization (ISO) and the International Read more…

Top Reasons to Conduct Internal Audits

Regardless of the industry, companies face increasing competition with each passing day. Whether you’re a massive enterprise, or a small startup, monitoring and maintaining operational efficiency has never been more important. Consequently, internal audits have grown to become an essential component of a business’ success. The dynamic pace of today’s business landscape also means that Read more…

Product Release | FedRAMP SSP Report

The FedRAMP SSP report is a comprehensive overview of your security program, describing all the security controls used to secure the cloud environment. Generating the FedRAMP SSP report is typically a very time-consuming task. Fortunately, there are several methods that can create the report, including StandardFusion’s GRC software. FedRAMP (Federal Risk Authorization Management Program) is Read more…

System Security Plan: Why It’s Essential to FedRAMP Compliance

FedRAMP (Federal Risk Authorization Management Program) is a US government-wide approach to the security assessment, authorization and monitoring for cloud service providers (CSPs). CSPs are organizations that provide infrastructure, network, or business services on the cloud. Some of the popular CSPs (or their products) include Microsoft Azure, Google Cloud Platform, AWS (Amazon Web Services), VMware, Read more…