The “Huge Value” of Consolidating Your Cybersecurity Audits | Pivot Point Security

Pivot Point Security
Sep 14, 2020

Last Updated on September 16, 2020

Many organizations seeking ISO 27001 certification face other cybersecurity compliance audits as well, like SOC 2, ISO 27701, HITRUST, FedRAMP and/or CMMC.

If that applies to your company, consider the benefits of consolidating your cybersecurity audits so they happen at the same time with one registrar/audit firm.

Streamline your activities to save considerable time and money.

“If I can go to one auditor versus six auditors, I think that’s a huge value proposition,” said John Verry, Pivot Point Security’s CISO and Managing Partner, on a recent episode of The Virtual CISO Podcast. John’s guest was Ryan Mackie, Principal and ISO Practice Director at leading audit firm Schellman & Company. Both John and Ryan are certified ISO 27001 Lead Auditors.

“We’ve designed our services to be able to meet that, so we’ve got cross-trained team members for ISO 27001, SOC 2, FedRAMP, PCI and everything else,” notes Ryan. “Especially with ISO 27001, when we do have the control set in play, there’s so much commonality between just the basics there. So if we can use somebody doing a SOC 2 audit that’s ISO trained, all the testing that they do for SOC we can apply to ISO.”

“If you’re preparing for one external audit that’s going to cover everything - the amount of time that you take away from your control and process owners, the reporting, a consolidated findings document…,” Ryan replies. “And so it’s so much easier to have that (and I hate to say it) one neck to choke.”

With third-party consultants, the time/cost benefits are similar. For example, Pivot Point Security frequently performs consolidated internal audits that cover ISO 27001 and SOC 2, or ISO 27001 and PCI, etc.

If your company is preparing for (or contemplating) an ISO 27001 audit, the episode of The Virtual CISO Podcast with Ryan Mackie will be of enormous value to you.

You can listen to the entire show here. If you don’t like using Apple Podcasts, click here.

Originally published at https://www.pivotpointsecurity.com on September 14, 2020.
