Regulatory Compliance, Governance and Security

Nov 25 2009   8:20PM GMT

SAS 70 Audits and PCI DSS Assessments | Expert Advice from an Auditor

Charles Denyer

SAS 70 audits and PCI DSS assessments are truly starting to dominate the regulatory compliance landscape. For a large number of our firm’s clients, we actively assess them for yearly SAS 70 and PCI DSS compliance. The chatter of late concerns what efficiencies of scale, if any, can be had by conducting both a SAS 70 audit and a PCI DSS assessment for an organization that needs both.

I urge you to read a very compelling article I wrote regarding both of these major compliance initiatives. Titled “SAS 70 Audits and PCI DSS | a Technical White Paper”, it discusses these very issues and brings to light some extremely important points for both SAS 70 and PCI DSS compliance.

In summary, tread cautiously before assuming that doing both is simply a “two for one”, meaning that you can conduct both a SAS 70 audit and a PCI DSS assessment at the same time.

If you want to learn more about SAS 70 audits, visit the official SAS 70 Resource Guide, and if you want to learn more about PCI DSS assessments, visit the official PCI DSS Resource Guide.
