Discussion
The GDPR - How an organization can comply?
Since 2018, all organizations that store or manage the private data of European citizens are subject to the General Data Protection Regulation (GDPR).
Whether the organization is Canadian, Belgian or Chinese, it doesn't make any difference.
SOC 2 - The Ultimate Aggregator?
Although AICPA's U.S. SOC 2* standard has been in place for many years and is well known to
the large company, in recent years, it has been required by small Canadian companies to have
this type of compliance report.
SOC 2 and ISO 27001 - Which compliance standard to choose?
Small businesses in Quebec that do business with large Canadian, U.S. or European companies are increasingly required to comply with SOC 2 or ISO 27001 compliance frameworks. Sometimes in contracts, the choice is left to the small business.
IT Compliance program – What are the issues and challenges?
The obligation to implement an IT compliance program is now a part of the reality of many small organizations in Quebec and the rest of Canada. Most of the time, these small organizations do not have a compliance team, internal audit team, or security expert.
Personal Data – The responsibility
With the arrival of the European Union's General Data Protection Regulations (GDPRs) in 2018 and the upcoming exit of Quebec's Bill 64, which will modernize some of Quebec's privacy laws, small Quebec organizations question the type of governance to be put in place.
The CLOUD Providers
To say that CLOUD solutions are more and more popular is a truism, so reality shows us every day. Seeing small businesses use multiple CLOUD providers and even seeing fully dematerialized SMEs is becoming an increasingly common, even routine way of thinking.
