Risk & Compliance/Legislation

T3-3B. Coordinating Compliance: How to Leverage Frameworks and Maximize Efficiencies

Tuesday, June 11, 2024 10:45 AM - 11:45 AM

Room 3BC

Description
Audit cycles seem to run year-round, with auditors asking the same questions over and over. Is there a way to reduce audit fatigue and use the frameworks you are subject to in order to gain efficiencies and reduce the burden of multiple assessments? Absolutely! Learn how to leverage security frameworks to your advantage, hear from an external assessor on what has worked well at organizations with multiple audit responsibilities such as ISO (27001, 9001, 20000-1, 22301), SOC (1, 2, 3), PCI, NIST, HITRUST, etc., and discuss some of the pitfalls that organizations have experienced.
Learner Objectives
After this session, attendees will:
- Understand the overlap between multiple frameworks (SOC, ISO, FedRAMP, PCI, etc.)
- Identify how to time assessments to reduce audit burden
- Identify how to better control the audit process and set expectations with their auditors