Resources

The word "compliance" might make startup founders shudder as they think of onerous, time-consuming processes, but it doesn't have to be that way.

A System and Organization Controls 2 (SOC 2) report shows how compliance can continuously improve an organization and add value.

March 28, 2024 - Family Businesses 2 Wayne Elliott and Security Audits Mike DeKock - School for Startups Radio Entrepreneur Podcast - Learn to be a low risk entrepreneur!

Putting the right team together can be exciting and challenging. It's something we think about a lot, so we decided to share the superheroes that make up our GRC dream team.

Within the SOC 2 framework, two crucial categories—privacy and confidentiality—play distinct roles in safeguarding sensitive data. Our latest article outlines each category and the differences between the two.

Find out why we don't offer SOC 2 readiness assessments, and how we approach the early phases of a SOC 2 report instead.

Check out Software Secured's story focused on the process of working on their SOC 2 report with MJD Advisors

We partnered with SecFix on this article to share the differences between ISO 27001 certification and SOC 2 completion, and how you can leverage your work from one to the other.

Penetration testing simulates an outside attack on your applications and network. Drata shares the types of pen tests and how to conduct one to prevent risk.