Mapping PCI DSS to NIST CSF

Today, many organizations are required to comply with various compliance and information security frameworks such as PCI DSS, NIST CSF, ISO 27001 and SOC 2 to ensure the security of their data. It is becoming increasingly popular for companies to enhance their data security and manage risk more effectively by combining frameworks, such as PCI DSS and the NIST Cybersecurity Framework, to achieve a comprehensive security outcome. PCI DSS: Payment Card Industry Data Security Standards (PCI DSS) refer to requirements that ensure organizations accepting payment cards handle the cardholders’ data Read more…

Cost of PCI DSS Compliance

‘Is there a fixed cost for becoming PCI-DSS compliant?’ is a frequently asked question, and the short answer is no. The variance in cost depends primarily on how many transactions need to be processed as well as transmission and storage methods. Before we delve into these factors, let’s begin by understanding PCI-DSS compliance. PCI-DSS compliance is the adherence to requirements outlined in the Payment Card Industry Data Security Standard (PCI-DSS). PCI compliance ensures Read more…

Agile Internal Auditing

Agile working practices were originally developed as an efficient and effective way of iterating in software development.  Agile principles value individuals and interactions over processes and tools, working software over comprehensive documentation, customer collaboration over contract negotiation and responding to change over following a plan.  Agile emphasizes an iterative structure that provides flexibility, efficiency, and increased transparency. In Read more…

The Cost of a Failed ISO Audit

In a global marketplace, international standards are essential to protecting consumers, companies, and their respective industries. The International Organization for Standardization (ISO) develops and publishes international standards to ensure products and services work how you would expect them to. With over 21,000 published standards, companies can become certified for nearly anything, ranging from quality and environmental management to information security management. With so many Read more…

Product Release | Policy Management

We are excited to announce our new Policy Management module. Having a dynamic policy management system in place keeps your team informed of changes, organizational risk and shares accountability across teams. Our new policy management module includes multiple new features including: an in-app document editor, version tracking, approval management, acknowledgement tracking, and new reporting capabilities.    Tackling Policy Management with StandardFusion In-App Document Editor We have implemented an in-browser document editor! To streamline the user experience, policy documents can be uploaded, Read more…

SOC 1 vs. SOC 2 vs. SOC 3 – Which One Should I Pursue?

Over the past decade, we have seen the rapid growth of many organizations outsourcing various functions to service providers and vendors. Such services may range from processing activities, customer support, infrastructure and networks, managed IT services…the list is endless. The growth in outsourced services has been accelerated by many factors – ranging from pressure to reduce operational costs, resolve Read more…

Press Release

For immediate release StandardFusion Announces Partnership With Mirai Security Vancouver, British Columbia (July, 2020) StandardFusion, a global Governance, Risk and Compliance management platform, is pleased to announce a strategic partnership with Mirai Security – pairing StandardFusion’s powerful GRC software with Mirai Security’s industry-leading information and cyber security management consulting. Founded in 2015, StandardFusion has grown exponentially year after year. Growth is expected to continue with StandardFusion’s customer base projected to increase by 200% by the end of the Read more…

Third-Party Vendor Risk Assessments [Simplified Guide]

Updated May 18th, 2022 This article will help you understand how vendor risk assessments can mitigate potential threats to your organization and ensure third-party suppliers meet your business needs and expectations. What you will learn: Let’s dive into learning how vendor risk assessments can help you ensure third parties keep up with your business’s quality Read more…