Event

Compliance & Certification

12
examples

Mailerlite

at

Mailerlite

Got questions about email marketing and GDPR? We compiled 99 (yes, 99!) FAQs to debunk the myths, state the facts and give you and your subscribers peace of mind.

#GDPR #emailmarketing #email

mailerlite-international_TpmO
Air

at

Air

We are proud to announce that Air is now SOC 2 compliant! 🔒 Click through to learn about how we achieved this important milestone (with the help of Drata) and what it means for our ongoing commitment to privacy and security.

airhq_DdHV
Contractbook

Founder & CEO

at

Contractbook

Seriously, Viktor Heide is right for once!! Who would have guessed?

It's now officially past the 25th of May (GDPR day) and your business has not drowned in fines yet.. But should you be data ethical? We work towards helping our clients with getting automated consent, sending DPAs and much more.

We made the solution for ourselves, but sharing is caring! So use it, be happy and avoid fines in the future as well.

niels-martin-brochner-18a7b1b_qC9F
Mailerlite

at

Mailerlite

Are your opt-in forms GDPR compliant? With all the different rules to follow, things can get confusing.

Grab yourself a coffee and check out our guide on how to create opt-in forms that work and still comply with GDPR legislation.

#GDPR #emailmarketing #newsletter

mailerlite-international_uDA1
Hubspot

Change Management Project Manager

at

Hubspot

You can now become a Certified Revenue Operations Professional!

On April 1, HubSpot Academy launched an entire course on Revenue Operations. The certification is full of templates and strategies based on best practices from current operators and business leaders. We'd love for you to take it, and have you share your opinion on it with us, and with the world!

What does the course entail?

Introduction to RevOps
Applying RevOps to the Flywheel
Holding Your Teams Accountable With an SLA
How to Map a Sales Process
Systems Management for RevOps
Communicating the Value of RevOps to Company Leaders
Structuring Your RevOps Team
Hiring RevOps Team Members
Evaluating and Iterating Your RevOps Strategy

https://lnkd.in/eyStYYp7


Courses & Lessons

dzalaquett_QlOs
Drata

Cybersecurity Risk Management & Compliance

at

Drata

Misinformation about information security compliance is all over the place. Below are some of the myths I hear on a regular basis.

#SOC2
🚫 SOC2 is a certification
🚫 The Points of Focus are required to be met
🚫 All five Trust Services Categories are required
🚫 SOC2 prescribes the controls that are required
🚫 An organization can provide their cloud service provider's SOC2 report (i.e. AWS) to their customers and they do not need to obtain their own SOC2 report

#ISO27001
🚫 Only accredited certifications can be issued
🚫 Annex A controls are required to be implemented
🚫 ISO 27002 implementation guidance is required
🚫 The risk assessment must follow ISO 27005 guidance
🚫 Certification means non-conformities were not identified

#HIPAA
🚫 An organization can be certified against HIPAA
🚫 An organization is only required to comply with HIPAA if they sign a Business Associate Agreement (BAA) with a Covered Entity (CE)
🚫 Business Associates are not required to adhere to the Privacy Rule
🚫 Information collected by personal fitness trackers is covered by HIPAA

#PCI
🚫 Levels are determined by the PCI Security Standards Council (PCI SSC)
🚫 PCI SSC determines the validation requirements for each level
🚫 PCI compliance is only required if your organization stores cardholder data
🚫 Self-Assessment Questionnaires (SAQs) must be completed by a Qualified Security Assessor

#CMMC
🚫 The Cyber AB determines the control requirements for each level
🚫 The assessment objectives from NIST 800-171A are not required
🚫 Primes will actually take the time to identify which subcontractors are provided CUI
🚫 The DoD has this all under control

#compliance
🚫 Achieving compliance and certification means an organization is secure
🚫 Compliance does not provide any value from a security perspective to an organization
🚫 All auditors are not technical and do not understand security
🚫 Control mapping documents are an easy button when it comes to proving conformance to multiple standards

What did I miss?

troyjfine_RcWV
Hubspot

Chief of Staff to the CEO

at

Hubspot

According to the IDC, global data creation is expected to reach 180 zettabytes by 2025. Zettabytes.

That's why more and more companies are (and should) be thinking about how they manage and use their customers', employees', and users' data. At HubSpot, we talk a lot about how to ethically handle data and privacy, and we use our company values as a guide. Beliefs like transparency and fairness are key to ethical data management.

In this new article from Nicholas Knoop, who leads HubSpot's Head of Privacy & Data Protection, he shares our company's framework for prioritizing trust in our approach. Shout out to Nick and Kritika Langhauser for helping us learn more about sustainable governance each day!

hannahfleishman_Tjdn
Mailerlite

at

Mailerlite

GDPR: The sequel. Get the scoop on what's happened since the GDPR kicked in (featuring new laws, shorter email lists and some hefty fines)!

#GDPR #emailmarketing

mailerlite-international_2C1L
Zendesk

at

Zendesk

Make sure your agents are ready for anything with the Zendesk Omnichannel Agent Specialist Exam. 💪 💻 🏆

zendesk_pPOD