Regulatory Compliance, Governance and Security:

charles denyer

March 24, 2009  11:49 PM

What is Required for PCI Assessment? | PCI DSS Q and A

Posted by: Charles Denyer
Build and Maintain a Secure Network, charles denyer, Implement Strong Access Control Measures, Maintain an Information Security Policy, PCI DSS, Protect Cardholder Data, qualified security assessor (QSA), Regularly Monitor and Test Networks, requirement 12, What is Required for PCI Assessment?

What is required for PCI assessment compliance? This is a question I'm often asked, especially by organizations that need to comply with Level 1 of the PCI DSS standards, which is an on-site assessment conducted by a Qualified Security Assessor (QSA), such as myself. Well,

March 24, 2009  11:39 PM

12 PCI DSS Requirements | Lessons Learned from a PCI QSA

Posted by: Charles Denyer
12 PCI DSS requirements, charles denyer, payment card industry dat, payment card industry data security standards (PCI DSS), pci dss policies and procedures, pci readiness assessment, qualified security assessor (QSA)

The 12 PCI DSS Requirements are lengthy and technical indeed. However, organizations need to truly understand the scope of the PCI assessment for gaining greater insight into the efficiencies that can be had for undertaking a...

March 23, 2009  12:07 PM

PCI DSS Merchants Levels | Learn Your Requirements for PCI DSS Compliance

Posted by: Charles Denyer
american express, charles denyer, discover, jcb, mastercard, pci dss merchant levels, pci ssc, qsa, qualified security assessor (QSA), self assessment questionnaire, visa

Regarding PCI DSS merchant levels, it is paramount that these very merchants properly identify the level they fall under for compliance with PCI DSS. Most merchants will be able to undergo their own payment card industry data security standards (PCI DSS) self assessment questionnaire (SAQ)....

March 23, 2009  11:53 AM

Payment Card Industry Compliance | It's much more than just PCI DSS

Posted by: Charles Denyer
charles denyer, cvv2, pa-dss, payment application data security standard, payment card industry compliance, PCI DSS, pci ssc, ped, pin data, pin entry devices

When people think of payment card industry compliance, they naturally think of PCI DSS compliance. And to be fair, the vast majority of organizations undergoing PCI DSS compliance are merchants and service providers who have to either conduct their own...

March 20, 2009  6:34 PM

SAS 70 Compliant | Discussion on SAS 70 Auditing Methodologies

Posted by: Charles Denyer
aicpa, audit, charles denyer, IIA, isaca, remediation, sas 70 compliance, sas 70 compliant, sas 70 readiness assessment, sas 70 resource guide, sas 70 type ii

Being SAS 70 compliant is quickly becoming a requirement for many service organizations (i.e., companies that provide outsourcing to another entity) in today's business arena. Many companies, however, voice frustration in not really understanding the audit...

March 20, 2009  6:20 PM

SAS 70 Compliance | Tips on Scoping a SAS 70 Audit

Posted by: Charles Denyer
audit, charles denyer, general controls audit, managed services sas 70, SAS 70, sas 70 compliance, sas 70 resource guide, sas 70 type ii

SAS 70 compliance is commonplace for many of today's businesses. Unfortunately, one of the missing ingredients in understanding SAS 70 compliance is the scope of the audit. That's right. The who, what, when, where, and why of the actual SAS 70 audit process....

March 15, 2009  2:24 AM

SAS 70 Type 2 Audit | Learn about SAS 70 Compliance

Posted by: Charles Denyer
aicpa, charles denyer, sas 70 compliance, sas 70 compliant, sas 70 resource guide, sas 70 type 2 audit

If you want to learn more about a SAS 70 Type 2 audit and SAS 70 compliance, then listen up. Becoming SAS 70 compliant can be full of minefields out in today's regulatory compliance world. But it shouldn't be. In fact, achieving SAS 70 compliance should be looked upon as a structured, multi-step...

March 14, 2009  10:35 PM

SAS 70 Certification | Learn about SAS 70 Type 2 Audits

Posted by: Charles Denyer
auditor, charles denyer, fieldwork, sas 70 certification, sas 70 readiness assessment, sas 70 type 2 audit, sas 70 type i type ii

SAS 70 certification is becoming a hot topic for many organizations in today's business world. You name the industry, and I can almost guarantee you that somebody has had to be SAS 70 compliant. Though the term SAS 70 certification is technically incorrect, because you are not really becoming...
