Each information security framework was created for a purpose, but the shared goal is some form of assurance that sensitive data is effectively protected. Unfortunately, compliance requests vary by client and too frequently are based on incorrect assumptions or a check-list mentality that jeopardizes true information security.Identifying the right security framework (or set of frameworks) for your organization not only provides real information security assurance, it also gives you the opportunity to consolidate the audits you’re conducting or undergoing to save valuable time and money.
At a recent debt collection industry event I was asked numerous times: “Do I really need an SSAE 16?” Well, the answer to that question depends on the intention of the request. Read my blog post to learn what you need to know before pursuing an SSAE 16 audit.
