Regulatory Compliance, Governance and Security:

charles denyer

May 26, 2009  6:22 PM

PCI DSS Level 1 Compliance | Helpful Tips from a PCI QSA

Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Level 1 compliance, pci qsa, policies and procedures, requirement 12

Payment Card Industry Data Security Standards (PCI DSS) Level 1 compliance can be a very arduous, time-consuming and costly undertaking for any organization. However, there are a number of proactive steps that should be put in place for helping ensure an...

May 20, 2009  5:10 PM

PCI DSS Requirement 2 | Vendor Supplied Defaults | Expert Advice

Posted by: Charles Denyer
charles denyer, PCI DSS Requirement 2, system components, vendor default passwords

PCI DSS Requirement 2 is the second of the 12 requirements of the PCI DSS initiatives. What's important to note about PCI DSS Requirement 2 is that it deals largely with removing vendor-supplied default passwords before putting these new system components on the network in the cardholder...

May 17, 2009  9:36 PM

PCI DSS Compliance | Understanding Requirement 1

Posted by: Charles Denyer
charles denyer, CIS, e-commerce, firewalls, internet access, Network Diagrams, NIST, payment card industry data security standards (PCI DSS), Requirement 1: Install and maintain a firewall configuration to protect cardholder data, routers, rule sets, SANS, untrusted networks, wireless networks

PCI DSS Compliance is growing at an astonishing rate for merchants and service providers throughout the country and the globe. Let's take some time to distill each of the twelve (12) core Payment Card Industry Data...

May 13, 2009  7:44 PM

SAS 70 Audits for Data Centers | It’s a “SaaS”y Environment

Posted by: Charles Denyer
charles denyer, colocation, Compliance, data centers, managed services, sas 70 and SaaS, Software as a Service, SOX

SAS 70 audits are being performed at a record pace these days on data centers, managed service providers and co-location entities. The big question is why? Well, there are many general answers that we all hear, such as "Oh, it's just today's compliance...

May 10, 2009  2:59 PM

COSO | SAS 55 | SAS 70 | SAS 78 | Understanding the Relationship

Posted by: Charles Denyer
aicpa, american institute of certified public accountants, charles denyer, coso, internal controls, sas 55, SAS 70, SAS 70 Type I, sas 78, The Committee of Sponsoring Organizations of the Treadway Commission, type ii audit

COSO is a widely used and accepted internal control framework in today's growing corporate governance initiatives. It's also heavily found in Statement on Auditing Standards No. 70 (SAS 70) audits. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework essentially...

May 9, 2009  9:49 PM

PCI DSS Self Assessment Questionnaire | Easier Said Than Done

Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Self Assessment Questionnaire, qualified security assessor

PCI DSS Self Assessment questionnaires are used for the large and growing number of merchants who must comply with the Payment Card Industry Data Security Standards (PCI DSS). In short, compliance can be obtained by conducting a "Self Assessment". What's important to note, however, is that there...

May 8, 2009  11:47 AM

SAS 70 Audit and Compliance Tips for Data Centers

Posted by: Charles Denyer
charles denyer, co-location, Compliance, cpa firm, data center, data center physical security, sas 70 audit

Learn more about SAS 70 audits for data centers by reviewing the step by step SAS 70 audit process. From beginning to end, a number of steps, activities, and deliverables must be undertaken for ensuring the audit is successful. From the...

May 4, 2009  4:20 PM

SAS 70 Certification | Expert Advice on Type I and Type II SAS 70 Audits

Posted by: Charles Denyer
audit scope, charles denyer, sample sas 70 type II report, sas 70 certification, sas 70 compliant, SAS 70 Type I, type II

SAS 70 Certification is everywhere these days, or so it seems. From small start-up organizations to large multi-national corporations, many people have been hit by the SAS 70 bug. What's also interesting to note are the vast differences you can see when...

April 30, 2009  3:13 PM

SAS 70 Compliance | A Step by Step Processes for SAS 70 Type I and Type II Audits

Posted by: Charles Denyer
charles denyer, sas 70 compliance, sas 70 readiness assessment, SAS 70 Type I, sas70 services, type ii audit

SAS 70 compliance is a multi-phased, process based methodology that is undertaken by organizations seeking to become SAS 70 Type I or Type II compliant. As a SAS 70 auditor, I’m often asked what the SAS 70 audit process is, how long it...

April 30, 2009  2:51 PM

PCI DSS Requirements | VISA Merchant Levels and Requirements for Compliance

Posted by: Charles Denyer
20,000 to 1,000,000; american express; amex; annual self assessment; charles denyer; Discover Card; fewer than 20,000; jcb; level 1; level 2; level 3; level 4; mastercard; pci dss requirements; pci qsa; processing 1,000,000 to 6,000,000; processing over 6,000,000; quarterly network scan asv; visa

PCI DSS VISA Requirements for Merchants as stated by VISA require merchants to first and foremost identify what “Level” of compliance is required. This simply requires your organization to identify the number of transactions per year that...
