November 12, 2008 3:55 PM
Posted by: Charles Denyer
merchants,
MN plastic card security act,
payment card industry,
payment card industry data security standards,
PCI,
pci assessment,
pci compliance,
PCI DSS,
policies and procedures,
service providersIf you are a merchant or service organization and need to be payment card industry (PCI) compliant with the PCI DSS provisions, then there are a number of important points you need to know. First and foremost, you need to identify what level you are in accordance with PCI DSS requirements. You can...
October 27, 2008 9:22 PM
Posted by: Charles Denyer
SAS 70,
sas 70 audit report,
sas 70 rfp,
sas 70 sample report,
SAS 70 Type I,
sas 70 type ii,
sas70 pricing,
sas70 readiness assessment questionnairesSAS 70 audits today are being conducted by CPA firms large and small, big and tall. Though they vary greatly in size, complexity and audit skills, what seems to be the industry standard is a "fixed fee" for the audit. Fixed in meaning that all...
October 27, 2008 9:03 PM
Posted by: Charles Denyer
regulatory compliance,
SAS 70,
sas 70 sample report,
SAS 70 Type I,
sas 70 type iiSAS 70 Type I and SAS 70 Type II audits are fast becoming a mainstay in today's regulatory compliance environment. If your organization is seeking to become SAS 70 Type I or SAS 70 Type II compliant in the near future, then here are some helpful tips in adequately preparing for all aspects of the...
October 19, 2008 11:45 PM
Posted by: Charles Denyer
pci compliance,
PCI DSS,
policies and proceduresPCI DSS compliance can be considered a costly, time consuming assessment for any merchant or service provider that has to obtain PCI DSS compliance. What many organizations fail to recognize is that within the PCI DSS standards are a slew of requirements for documents policies and procedures on a...
October 19, 2008 9:28 PM
Posted by: Charles Denyer
SAS 70,
SAS 70 download,
SAS 70 Type I,
sas 70 type ii,
sas70SAS 70 Type I and SAS 70 Type II audits are being required more and more by service organizations in today's growing regulatory compliance and heightened corporate governance environment.
Thus, if you are a service organization or third party providers of critical services to another entity, you...
October 19, 2008 9:17 PM
Posted by: Charles Denyer
PCI DSS,
SAS 70 Type I,
sas 70 type ii,
sas70Many organizations are having to complete both a SAS 70 Type I or SAS 70 Type II audit along with being Payment Card Industry (PCI) compliant. With that being said, I am often asked if you can create efficiencies of scale if a firm does both the SAS 70 audit and the PCI assessment. That answer is...
October 19, 2008 8:27 PM
Posted by: Charles Denyer
regulatory compliance,
SAS 70 Type I,
sas 70 type ii,
sas70Does your organization need to be SAS70 compliant? If so, many people often ask me if they have to complete a SAS70 Type I audit before doing a SAS70 Type II audit. And the answer? Well, it all depends on a number of factors, such as: 1. Has your organization ever gone through a SAS70 audit before,...
September 26, 2008 6:17 PM
Posted by: Charles Denyer
audits,
Compliance,
PCI DSS,
pci dss qsa,
SAS 70,
sas70PCI DSS and SAS70 audits are two of the most common regulatory compliance initiatives currently facing many service organizations in today's current business climate. Add to the mix of some unique similarities that both PCI DSS and SAS70 possess, and you can have some marginal to meaningful...
September 26, 2008 5:45 PM
Posted by: Charles Denyer
regulatory compliance,
SAS 70,
sas70,
sas70 readiness assessment questionnaires,
sas70 sample reportsSAS70 Auditing has become a staple in today's growing regulatory compliance world. As such, I have put together a list of questions and answers for SAS70 issues that are commonly asked to me:
1. How much does a SAS70 audit cost?
That depends on a number of issues, such as the scope of the...
