Today's Edition: It's the Most Wonderful Time of Year... for Compliance Audits
Did you know that compliance audits are recommended at least twice annually? Security and compliance are vital to expanding your customer portfolio, and part of achieving compliance is passing your audit and obtaining a clean audit report.
Here are some important tips on how to pick the right audit firm:
- They understand your industry. If you're a FinTech company working with large financial institutions, your requirements will look different from those of a healthcare tech company working with large hospital systems. Likewise, a US-based SaaS company working toward SOC 2 compliance will have a different focus than a UK-based service provider serving Europe and working toward ISO 27001.
- They understand your tech stack. There's nothing worse than having a conversation with your auditor and watching their eyes glaze over.
- They have solid references. While any licensed CPA firm can technically perform an audit, you really want one with deep, consistent experience. Ask for references and make sure they are industry-relevant and recent.
- They communicate well. Does the auditor speak your language and understand common industry terms, or are they speaking over your head, throwing out jargon, or speaking in broad generalities? The latter is another red flag.
Drata Bits
Continuous Compliance with Drata
Say goodbye to spreadsheets and hello to Drata. With our 24/7 compliance monitoring, you can focus on enjoying all of life's moments, building your next big venture, or accelerating the growth of your business with peace of mind.
Check out our video on LinkedIn or discuss it here in the Secured community.
From Drata's Experts
Building Secure, Compliant Containers
Our security team released a new paper and upcoming webinar that discusses how to build secure and compliant containers. Get your copy or register for the webinar here.
14 Security Frameworks to Consider
Security standards can help reduce your risk and exposure to the growing number of cyber threats. The question is: Which ones should you focus on? Get the answer here.
How to Conduct a Business Impact Analysis
If you want to better understand the importance of a business impact analysis and how to conduct one, this one is for you.
How to Become HIPAA Compliant: An Easy to Follow Guide
Learn how to become HIPAA compliant, so you can keep patient health information secure and protect your business from the consequences of data breaches.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) set national standards for how America's healthcare industry protects patients' protected health information (PHI).
Extending far beyond hospitals and clinics, these regulations apply to any business that collects, receives, stores, or transmits PHI. Managing HIPAA compliance can be challenging as it involves many aspects of the business, from information security to employee training. Here is everything you need to start your HIPAA compliance program.
Drata Community: Vote and share to win!
How to have a positive audit experience
There can be a lot of stigma around audits, but it's definitely possible to have a positive experience in this arena. Check out this article for Drata's expertise on handling an audit and for the chance to win a brand new pair of Apple AirPods*.
Vote on the poll here and share your audit questions and comments with us! Entries will be accepted until December 23 at 10 a.m. PST.
*Official Rules: No purchase or payment necessary to enter. To be eligible, must register for Secured, the Drata community, and leave a comment at the above linked thread. Ages 21+ only. Winner will be selected at random and notified via direct message on Secured, the Drata community. Each winner has 48 hours to claim the prize after being notified. Participants release Drata and LinkedIn from all claims relating to this giveaway.
Around the Web
Resources and Articles From Trusted Sources
The following articles highlight great insight and experience from security reporters, vendors, and thought leaders.
EU Moves Closer to Sewing Up New Data Transfer Deal With US | Security Week
Secured Jobs
Jobs From the Community
Head of Trust and Safety | Block | New York, NY
Risk Management - Lobbying and Political Compliance (LPC) Senior Associate | EY | Jericho, NY
Principal Legal Risk | Discover Financial Services | Prairie Home, NE
Product manager, Governance Risk and Compliance | Starbucks | (Remote)
Have a role you want listed? Just reply to this email.
Trusted is produced by Drata's team of compliance and security experts.
Helpful Resources
Trusted is currently published twice a month and is designed to share the latest resources from around the compliance, risk management, and cybersecurity space. If you have suggestions or would like to include a recent article or podcast, please let us know.
Secured, The Drata Community
Trusted: Share our newsletter with others