Demystification of the FedRAMP Authorization Boundary Diagrams (with Template)
Under FedRAMP, CSPs using external services must document them, include them in their authorization boundary for federal data, and get official approval.
Exploring the Hidden Costs of Apple Products
Is the high price of Apple devices justified? I explore the limited customization, closed ecosystem, ethical concerns, and more that consumers should consider before purchasing.
How I built a Security Question & Answer Knowledge Base
A tool that I discovered and implemented in FormAssembly back in November
How I Built a Security & Compliance Reporting Process
[UPDATED 2023-MAY-31: Just did our closing meeting ISO 27001 Audit and the
How I Structure a Policy Portal
10 Things To Know Before A SOC 2 Audit
Gain Customer Trust and Confidence with a SOC 2 Audit for Your Business
How I Structure Security Controls Portal
Main Page - Security Control: Identification & Authentication (IAC)
Identification & Authentication (IAC) -
SOC 2: Pros and Cons
The SOC 2 framework is a set of standards and guidelines developed
ISO 27001: Pros and Cons
The ISO 27001 framework is an internationally recognized standard that provides a
SOC 2: Importance of Stakeholders Collaboration
Involving all relevant stakeholders in the SOC 2 implementation process is essential
HIPAA Expected Evidence
Click the link below to be redirected to the spreadsheet
HIPAA Expected
Audit Principles and Concepts
Carve-out method
Method of dealing with the services provided by a subservice
