Compass IT Compliance is an IT security and compliance services firm specializing in helping organizations mitigate their risk of a data disaster!

Joined February 2015
Missed our webinar yesterday on getting started with AI? The full recording is now available. Learn how today's beginner-friendly tools make it possible to build a simple AI system step-by-step, no advanced programming or math required. Watch now: hubs.li/Q04lcFQw0
A great evening celebrating with fellow Rhode Island employers at the Providence Business News Best Places to Work awards event. We’re grateful to be recognized for the 10th consecutive year and proud to be part of such an incredible business community!
Vulnerability exploitation is now the #1 breach vector, according to the 2026 Verizon DBIR. Our latest blog breaks down what that shift means for your SOC 2 controls and how to modernize your vulnerability management program before attackers find the gaps. hubs.li/Q04kYtKv0
Most SOC reports use the carve-out method for subservice organizations, and the implications matter. We broke down carve-out vs. inclusive method: what each requires, what gets disclosed, how CSOCs work, and what user entities should do when they see ... hubs.li/Q04kPj800
Join us this Thursday for a beginner-friendly webinar on building your first AI system using Azure—no advanced programming required. Walk through the process step-by-step and learn realistic expectations. CPE-eligible, register today: hubs.li/Q03Ycrgr0
Scoping is where most CMMC Level 2 efforts succeed or stall before a single control is implemented. Our latest guide breaks down CUI asset categories, data flow mapping, and how to build an assessment boundary that holds up to C3PAO scrutiny. bit.ly/4dNw0DK
After attending the ISACA Rhode Island Annual General Meeting yesterday, the Compass IT Compliance team was back on the road today for the ISACA New England GranIT Conference 2026 in Nashua, NH. We enjoyed another great day of industry discussion and networking!
Compass #security expert Patrick Laverty recently appeared on WPRI 12 News to offer commentary on a story involving a hidden camera on campus. Patrick shares tips for how IT departments can identify & prevent unauthorized hidden devices on their networks. bit.ly/4x0gLPg
How does a growing insurance advisor protect sensitive client data while pursuing SOC 2 compliance? Our latest case study explores how HealthGuys worked with Compass to complete a SOC 2 Type 1 audit & validate its applications through penetration testing: bit.ly/4vuCoFT
Compass IT Compliance is proud to be at the ISACA Rhode Island Chapter Annual General Meeting today at the Amica Insurance Amphitheater in Lincoln, RI. We're looking forward to a full day of expert insights and meaningful connections around technology, risk, and security.
🎙️ New Layer 8 Podcast episode is live. Host Patrick Laverty talks with behavioral scientist and author Dr. Abbie Maroño on the science behind body language, non-verbals, and persuasion, and how we read, trust, and influence one another. Listen now: apple.co/4uGHS09
Compass IT Compliance was proud to support the Ronald A. Garrison Memorial Golf Tournament at Topstone Golf Course in South Windsor, CT. We were honored to be part of an event that brought the community together to raise funds for families impacted by cancer.
SOC 2 rarely makes security questionnaires disappear. It changes who asks, what they ask, and how fast you can answer. Our latest post breaks down where the real ROI of a SOC 2 Type 2 shows up in enterprise procurement. hubs.li/Q04jcNsP0
A Third Party Administrator (TPA) breach rarely stops at the TPA. The headlines, lawsuits, and regulatory inquiries land on both sides of the contract. Our latest article covers the IT security, compliance, and vendor risk practices tha... hubs.li/Q04j5Sg80
🎙️ New Layer 8 Podcast episode: Host Patrick Laverty talks with John Bejakovic, author of "The 10 Commandments of Con Men..." Building on Robert Cialdini's work, John breaks down 10 influence techniques every social engineer should know. Tune in: hubs.li/Q04hXXYj0
Today we remember the fallen. To every service member who gave their life in defense of our country, and to the families who continue to feel that loss, we offer our heartfelt gratitude and respect.
Every SOC 2 Type 2 report tells a story, and savvy buyers are reading between the lines. Our latest post unpacks what enterprise security reviewers really want to see, and how to make sure your report sends the right signals. hubs.li/Q04hH3sb0
A big thank you to the Maine Bankers Association for hosting another fantastic Bank Expo, and to everyone who stopped by our booth to chat with the Compass team. Special shoutout to our Co-Founder Jerry Hughes for sharing his insights on stage. Until next time, Augusta!
🎙️ New episode of the Layer 8 Podcast! Host Patrick Laverty sits down with John Costa & Jordan Saleh, the masterminds behind this year's social engineering CTF at the Layer 8 Conference. Tune in to hear how they built it & why you'll want to compete. hubs.li/Q04h7Bkg0
The strongest PCI DSS programs treat Targeted Risk Analyses as living documents, not pre-audit paperwork. Our latest blog covers what TRAs require, common pitfalls, and how to build a sustainable TRA maintenance process. hubs.li/Q04h7cmH0