Certification and Beyond: Managing Compliance Between Recertification (E02b)
Certification is just the first step—maintaining compliance requires continuous effort throughout the three-year cycle. This talk discusses why compliance extends beyond initial certification and focuses on controls that require frequent updates, such as access management, vulnerability scanning, and incident response planning. Practical strategies will be shared for staying assessment-ready, tracking critical requirements, and addressing organizational changes like acquisitions or boundary adjustments. Attendees will learn how to stay ahead of compliance demands while maintaining a robust cybersecurity posture.