Your GRC Tool is failing you

In building Hugo, our AI-powered Compliance Copilot, we have been evaluating cloud-based Software-as-a-Service (SaaS) GRC tools, and they are missing the mark. Excel Control Frameworks: Traditional Control Frameworks attempt to map NIST, ISO, CMMC, and other Information...
Upcoming Compliance Deadlines

Staying on top of compliance requirements. PCI DSS v4.0 Phase 1: The PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect payment data. The goals for PCI DSS to promote...
The SOC Framework and Reports

Introduction: In the traditional financial services industry, third-party service providers such as custodians, exchanges and fund administrators leverage SOC (System and Organization Controls) reports to build stakeholder trust and confidence. SOC reports are internal...
CMMC 2.0 Requirements

On December 26, 2023, the Department of Defense (DoD) published for comment a proposed rule for the Cybersecurity Maturity Model Certification (CMMC) 2.0 program, a revamped version of from the History of Cybersecurity Maturity Model Certification (CMMC). The new...
How to Prepare for CMMC

The Cybersecurity Maturity Model Certification (CMMC) is an assessment program designed to ensure that Department of Defense (DoD) contractors and subcontractors meet the cybersecurity requirements for handling Controlled Unclassified Information (CUI). With the...