Regulatory Compliance, Governance and Security:

February, 2009


February 23, 2009  5:13 PM

SAS 70 Internal Controls | Important Facts and Tips to Know

Charles Denyer

SAS 70 audits test a wide array of internal controls within your organization for helping ensure SAS 70 Type I or Type II compliance. What's interesting to note about these "internal controls" is that you need to truly understand what they are...

February 23, 2009  1:32 AM

PCI Policy and Procedures Documents | You Need them for PCI DSS

Charles Denyer

PCI policy and procedures documents are extremely critical in achieving Payment Card Industry (PCI) compliance. How critical? Enough that an entire requirement for PCI is dedicated to developing an...


February 23, 2009  1:11 AM

What is SAS 70 | A Question I’m Often Asked by Service Organizations

Charles Denyer

What is SAS 70? For us in the regulatory compliance and Information Technology world, this would be an absurd question. Well, put yourself in the shoes of businesses who work hard every day, struggling to make ends meet, and then suddenly,...


February 21, 2009  12:57 PM

PCI Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data | What You Need to Know

Charles Denyer

For Payment Card Industry (PCI) compliance, there are twelve (12) core, functional requirements mandated under PCI DSS v1.2. What's important to note is that many times you truly need to "read between the lines" to interpret, comprehend, and understand what the PCI DSS standards are actually...


February 18, 2009  7:53 PM

PCI DSS and SAS 70 Audits | Audit Efficiencies? Maybe…just Maybe

Charles Denyer

As a SAS 70 auditor and a PCI QSA, I'm often asked about the efficiencies of scale that can be achieved with SAS 70 audits and PCI DSS assessments. I have blogged about this a few times before, so let me be more clear and transparent in what I believe can actually be obtained in regards to audit...


February 14, 2009  1:52 PM

Payment Card Industry (PCI) Compliance | Much More than just I.T.

Charles Denyer

That's right. Payment Card Industry (PCI) compliance is much more than just I.T. and all the surrounding hardware and software components that make up the "system components" within the cardholder environment. I've just recently finished up a PCI Readiness Assessment for a client on the West Coast...


February 11, 2009  10:27 PM

PCI DSS Requirement 10: Regularly Monitor and Test Networks

Charles Denyer

Payment Card Industry (PCI) Data Security Standards (DSS) compliance is often not a black and white assessment. Sure the PCI council gives you the complete assessment document, which fully explains each of the twelve (12) requirements and what is needed for validating each of these respective...


February 9, 2009  2:04 AM

PCI Compliance Strategic Plan | How to Become Compliant | PCI DSS

Charles Denyer

Need to be Payment Card Industry (PCI) compliant in 2009? Are you a Merchant, Service Provider, Third Party Processor or some other Third Party outsourcing entity involved in the processing, storing, or transmitting of payment and credit card data? If so, listen up, because you need to develop a PCI...


February 8, 2009  3:11 PM

PCI Security Standards | Learn How to Become PCI Compliant

Charles Denyer

Payment Card Industry (PCI) compliance is becoming a force to reckon with, to say the least. It seems as if every possible and conceivable industry in the country is being affected by PCI compliance, either directly or indirectly. What's important to note about PCI compliance is that it primarily...


February 8, 2009  2:59 PM

SAS 70 Audit Guide | Learn the Secrets to SAS 70 Audits

Charles Denyer

Need to learn about SAS 70 audits? Not too sure about what the audit actually entails in regards to scope, time, effort and financial considerations? Well, if your organization is seeking to become SAS 70 Type I or Type II compliant for 2009...

