Regulatory Compliance, Governance and Security:

charles denyer


November 25, 2009  8:20 PM

SAS 70 Audits and PCI DSS Assessments | Expert Advice from an Auditor



Posted by: Charles Denyer
charles denyer, payment card industry data security standards (PCI DSS), PCI DSS, pci dss assessments, SAS 70, type II

SAS 70 audits and PCI DSS assessments are truly starting to dominate the regulatory compliance landscape. For a large number of our firm's clients, we actively assess them for yearly SAS 70 and PCI DSS compliance. The chatter of late is surrounding what efficiencies of scale, if any, can be had...

November 24, 2009  6:51 PM

PCI Qualified Security Assessor | How to Choose a QSA



Posted by: Charles Denyer
charles denyer, merchants, pci dss readiness assessment, pci roadmap to compliance, qsa, qualified security assessor (QSA), service providers

Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make...


November 24, 2009  6:42 PM

12 PCI Requirements | What you Need to Know for PCI DSS



Posted by: Charles Denyer
12 PCI DSS requirements, 12 pci requirements, charles denyer, gap analysis, merchant, Payment Card Industry Data Security Standard, PCI DSS, service provider

The 12 PCI requirements are essentially the areas that merchants and service providers will need to be compliant with regarding the Payment Card Industry Data Security Standards (PCI DSS) provisions. What's...


November 20, 2009  1:14 AM

SAS 70 and Business Continuity Planning (BCM) | What you Need to Know



Posted by: Charles Denyer
aicpa, BCM, Business Continuity Disaster Recovery, charles denyer, control objectives, SAS 70, sas 70 type ii, type i

As a SAS 70 auditor, I'm often asked if Business Continuity and Disaster Recovery (or any of the other similar terms and phrases used) is part of the actual SAS 70 audit. In fairness, it is, even though "technically" it does not fall into a...


November 18, 2009  3:44 PM

PCI DSS and Service Providers | Common Examples of these Entities



Posted by: Charles Denyer
charles denyer, merchants, payment card industry data security standards (PCI DSS), pci dss compliant, pciassessment.org, service providers

The Payment Card Industry Data Security Standards (PCI DSS) provisions call for both merchants and service providers to become PCI DSS compliant. Though the term "merchant" is easily understood, the term "service provider" has created some...


November 18, 2009  1:52 PM

PCI DSS Compliance and the Major Payment Brands | What you may NOT Know



Posted by: Charles Denyer
American Express Data Security Operating Policy, Cardholder Information Security Program, charles denyer, Data Security Program, Discover Information Security Compliance, Payment Card Industry Data Security Standard, PCI DSS, PCI Resource Guide, Site Data Protection

Merchants and service providers seeking to become Payment Card Industry Data Security Standards (PCI DSS) compliant may not actually know that the five (5) major payment brands also have their own security risk management and compliance...


November 17, 2009  7:42 PM

PCI DSS Readiness Assessments | Hire a Qualified Security Assessor (QSA)



Posted by: Charles Denyer
charles denyer, merchants, pci dss compliance, pci dss readiness assessment, qsa, qualified security assessor, service providers

PCI DSS compliance can be an arduous undertaking for many service providers and merchants in today's business arena. Add to that the fact that many organizations are unsure of the roadmap for PCI DSS compliance, and it makes sense to hire a Qualified Security...



November 17, 2009  7:33 PM

SAS 70 Audits | How Expensive are They and What is the true Cost?



Posted by: Charles Denyer
charles denyer, cost of sas 70 audit, How expensive is a SAS 70, SAS 70, SAS 70 CPA firm, Statement on Auditing Standards No. 70, type i, type II

As a SAS 70 auditor for a nationally recognized boutique CPA firm, I can honestly attest to the fact that SAS 70 pricing is still all over the map. I hear of SAS 70 Type I audits costing as little as $12,000 to SAS 70 Type II reports costing as much as $70,000. That's not to say these prices are...


September 28, 2009  10:09 PM

PCI DSS Compliance for Service Providers | A Growing Trend



Posted by: Charles Denyer
charles denyer, data centers, managed services, merchants, payment card industry data security standards, payment gateways, PCI DSS, service providers

PCI DSS compliance for service providers is growing at quite an astonishing rate, to say the least. One of the biggest contributors is that of data centers, co-location facilities, and other types of organizations providing managed services. In short, they...


September 28, 2009  12:44 AM

PCI DSS | SAS 70 | Finding Resources to Learn about Compliance



Posted by: Charles Denyer
audits, charles denyer, PCI DSS, SAS 70, type i, type II

PCI DSS and SAS 70 Type I and Type II audits are a mainstay in today's regulatory arena. As such, I'm often asked what are some of the best resources available to learn about the Payment Card Industry Data Security...

