Regulatory Compliance, Governance and Security:

November, 2009

1

November 25, 2009  8:20 PM

SAS 70 Audits and PCI DSS Assessments | Expert Advice from an Auditor

Charles Denyer Charles Denyer Profile: Charles Denyer

SAS 70 audits and PCI DSS assessments are truly starting to dominate the regulatory compliance landscape. For a large number of our firm's clients, we actively assess them for yearly SAS 70 and PCI DSS compliance. The chatter of late is surrounding what efficiencies of scale, if any, can be had...

November 24, 2009  6:51 PM

PCI Qualified Security Assessor | How to Choose a QSA

Charles Denyer Charles Denyer Profile: Charles Denyer

Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make...


November 24, 2009  6:42 PM

12 PCI Requirements | What you Need to Know for PCI DSS

Charles Denyer Charles Denyer Profile: Charles Denyer

The 12 PCI requirements are essentially the areas that merchants and service providers will need to be compliant with regarding the Payment Card Industry Data Security Standards (PCI DSS) provisions. What's...


November 20, 2009  1:14 AM

SAS 70 and Business Continuity Planning (BCM) | What you Need to Know

Charles Denyer Charles Denyer Profile: Charles Denyer

As a SAS 70 auditor, i'm often asked if Business Continuity and Disaster Recovery (or any of the other similar terms and phrases used) is part of the actual SAS 70 audit. In fairness, it is even though "technically" it does not fall into a...


November 18, 2009  3:44 PM

PCI DSS and Service Providers | Common Examples of these Entities

Charles Denyer Charles Denyer Profile: Charles Denyer

The Payment Card Industry Data Security Standards (PCI DSS) provisions call for both merchants and service providers to become PCI DSS compliant. Though the term "merchant" is easily understood, the term "service provider" has created some...


November 18, 2009  1:52 PM

PCI DSS Compliance and the Major Payment Brands | What you may NOT Know

Charles Denyer Charles Denyer Profile: Charles Denyer

Merchants and service providers seeking to become Payment Card Industry Data Security Standards (PCI DSS) compliant may not actually know that the five (5) major payment brand also have their own security risk management and compliance...


November 17, 2009  7:42 PM

PCI DSS Readiness Assessments | Hire a Qualified Security Assessor (QSA)

Charles Denyer Charles Denyer Profile: Charles Denyer

PCI DSS compliance can be an arduous undertaking for many service providers and merchants in today's business arena. Add to the fact the many organizations are unsure of the roadmap for PCI DSS compliance, it makes sense to hire a Qualified Security...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


November 17, 2009  7:33 PM

SAS 70 Audits | How Expensive are They and What is the true Cost?

Charles Denyer Charles Denyer Profile: Charles Denyer

As a SAS 70 auditor for a nationally recognized boutique CPA firm, i can honestly attest to the fact that SAS 70 pricing is still all over the map. I hear of SAS 70 Type I audits costing as little as $12,000 to SAS 70 Type II reports costing as much as $70,000. That's not too say these prices are...


November 9, 2009  12:58 PM

PCI DSS Roadmap to Compliance | Phase I

Charles Denyer Charles Denyer Profile: Charles Denyer

Merchants and service providers seeking to become Payment Card Industry Data Security Standards (PCI DSS) compliant, will need to embark on a structured "PCI DSS Roadmap to Compliance" for ensuring a seamless and transparent process. So what does this really mean and entail? It essentially requires...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: