June 26, 2009 3:16 PM
Posted by: Charles Denyer
000 American Express,
000 to 2.5 million American Express transactions,
50,
Annual onsite review,
charles denyer,
PCI DSS Requirements and PCI DSS Merchant Levels | American Express | AMEX,
processing less than 50,
Quarterly Network Scan by ASV
While most individuals focus on Merchant Levels for VISA, it's important to note that the additional payment brands, such as American Express (AMEX), have defined their own respective merchant levels based on...
June 26, 2009 3:08 PM
Posted by: Charles Denyer
2,
3,
4,
annual report on compliance,
annual self assessment questionnaire,
asv,
Attestation of compliance form,
charles denyer,
Merchant Levels 1,
PCI DSS Requirements and PCI DSS Merchant Levels | VISA,
Quarterly network scan by approved Scan Vendor,
ROC,
SAQ
PCI DSS Requirements for Merchants are dependent on the "Level" your organization falls into. Currently, there are four (4) Merchant Levels for PCI DSS compliance. What's important to note is that these merchant levels are...
June 20, 2009 3:31 AM
Posted by: Charles Denyer
charles denyer,
level 1,
merchants,
payment card industry data security standards (PCI DSS),
payment card industry security standards council,
pci compliance,
PCI DSS
Payment Card Industry Data Security Standards (PCI DSS) compliance means many different things to many people. And after all, it should, based on the complexities of truly understanding what the phrase "PCI Compliance" or being "PCI compliant" really means.
For an ounce of clarity, remember...
June 20, 2009 3:20 AM
Posted by: Charles Denyer
charles denyer,
control environment,
general controls report,
sarbanes oxley act of 2002,
SAS 70 Type I,
sas70,
Statement on Auditing Standards No. 70,
type II
Statement on Auditing Standards No. 70, simply known as SAS 70 to many, has had a profound impact on regulatory compliance since the passage of the Sarbanes Oxley Act in 2002. As a SAS 70 auditor for many years, I've been asked a broad and wide range of...
June 19, 2009 10:00 PM
Posted by: Charles Denyer
12 requirements,
charles denyer,
merchants,
PCI DSS,
PCI DSS Level 1 compliance for merchants and service providers,
pci qsa,
service providers
PCI DSS Level 1 Compliance for Merchants and Service Providers can be a daunting task, but there are a number of proactive steps to take to help mitigate and hopefully eliminate cost and time overruns.
There's quite a bit you can do to help prepare your organization for PCI DSS Level 1...
June 16, 2009 11:40 AM
Posted by: Charles Denyer
amex,
charles denyer,
data centers,
Discover Card,
ISO,
jcb,
managed service providers,
mastercard,
payment card industry data security standards (PCI DSS),
payment gateways,
PCI DSS,
pci dss compliance,
pci qsa,
qualified security assessor,
service providers payment card compliance,
transaction processors,
visa,
web hosting providers
PCI DSS compliance is becoming a requirement for many service providers involved in the processing, storage, transmission, and switching of transaction data and cardholder data.
In short, a service provider, for purposes of Payment Card Industry Data...
June 16, 2009 2:35 AM
Posted by: Charles Denyer
assessments,
audits,
charles denyer,
cpa firm,
payment card industry data security standards,
PCI DSS,
PCI DSS Level 1 compliance,
report on compliance,
ROC,
sas 70 type ii audit
SAS 70 audits, especially Type II reports and PCI DSS Level 1 Report on Compliance (ROC) assessments are dominating today's regulatory compliance arena. Painfully, as a SAS 70 auditor and a PCI DSS assessor, I keep hearing people talk about these two compliance initiatives as if they are one in...
June 3, 2009 6:34 PM
Posted by: Charles Denyer
charles denyer,
client funds,
File No. S7-09-09,
internal control report,
qualified custodian,
sample sas 70 type II report,
SAS 70,
securities,
surprise examination,
The investment Advisers Act of 1940
The SAS 70 auditing standard is sure to become a necessary element of the proposed changes for the Investment Advisers Act of 1940. The SEC released a draft of proposed changes regarding “Custody of Funds or Securities of Clients by Investment Advisers” (