July 27, 2009 11:49 AM
Posted by: Charles Denyer
Annual onsite review by QSA,
PCI DSS service provider levels,
qsa,
qualified security assessor,
SAQ,
visa,
VisaNetPCI DSS Service Providers Levels for VISA are defined as the following:
Level 1: All VisaNet processors (member and non-member) and all payment gateways.
Level 2: Service Providers (agents) not in Level 1 that...
July 24, 2009 8:12 PM
Posted by: Charles Denyer
american express,
charles denyer,
Discover Card,
jcb,
level 1,
level 2,
level 3,
level 4,
mastercard,
pci merchant level requirements,
visaPCI Merchant Level Requirements for VISA are stated as the following:
Level 1: Any merchant-regardless of acceptance channel-processing over 6,000,000 Visa transactions per year. Also, any merchant that Visa, at its sole discretion, determines should meet the Level 1 merchant...
July 24, 2009 8:00 PM
Posted by: Charles Denyer
charles denyer,
dss,
level 1,
merchant,
payment card industry data security standards (PCI DSS),
payment card industry security standards council,
PCI,
pci ssc,
qsa,
qualified security assessor (QSA),
service providerPCI DSS Compliance for Level 1 Merchants and Service Providers is mandatory. In short, if you are a Merchant or Service Provider and have been called upon to become Payment Card Industry Data Security Standards (PCI DSS) compliant, then an on-site assessment by a Qualified Security Assessor (QSA)...
July 24, 2009 7:53 PM
Posted by: Charles Denyer
charles denyer,
internal control audit,
internal controls,
obama,
Registered Invesment Advisers,
RIA,
sas 70 type ii,
Statement on Auditing Standards No. 70,
suprise auditSAS 70 Audit and Compliance will soon be entering the financial services and financial sector in a much more in-depth manner in the coming years. Sure, SAS 70 audits have been widely used on asset accounting, hedge funds, trust establishments, but the push will be much further and deeper in the...
July 17, 2009 12:58 PM
Posted by: Charles Denyer
charles denyer,
cpa firm,
population,
sampling,
sas 70 readiness assessment,
SAS 70 Type II audit complianceAfter years of working with the SAS 70 auditing standard, there comes a time when i need to clarify and hand out helpful advice to service organizations that will soon be undertaking the process of an actual SAS 70 audit. So, let's discuss some important issues for making sure you achieve SAS 70...
July 17, 2009 12:45 PM
Posted by: Charles Denyer
charles denyer,
mastercard,
Matercard site data protection program,
merchants level 2,
pci dss qsa,
pci dss self assessments,
qsa,
qualified security assessor,
reciprocity,
sdp program,
service providersMasterCard has recently announced changes to their Site Data Protection program, which now requires BOTH Level 1 and Level 2 Merchants to retain a Qualified Security Assessor (QSA) to validate compliance in regards to PCI DSS.
This is...
July 8, 2009 7:27 PM
Posted by: Charles Denyer
control environment,
gap analysis,
SAS 70,
sas 70 readiness assessment,
sas 70 resource guide,
sas70.us.com,
type i,
type IIMany service organizations having to undergo SAS 70 Type I or SAS 70 Type II compliance would greatly benefit from a SAS 70 Readiness Assessment. So, let's clear the air as to what this actually is.
A SAS 70 Readiness Assessment should be a proactive exercise which actually benefits the overall...
July 6, 2009 3:20 PM
Posted by: Charles Denyer
charles denyer,
cpa,
pdf,
sas 70 example report,
sas 70 sample report,
sas 70 type ii audit report,
sas70,
statment on auditing standards no. 70Obtaining a Sample SAS 70 Type II Audit Report is simply the best way for service organizations to learn about Statement on Auditing Standards No. 70. This can be a highly complex audit process,...
