Regulatory Compliance, Governance and Security:



May 30, 2009  8:26 PM

SAS 70 Control Objectives for Investment Advisers | Custodial Operations



Posted by: Charles Denyer
cash and security positions, charles denyer, client funds or securities along with performing custodial duties and operations, control objectives, custodial operations, Custody of Funds or Securities of Clients by Investment Advisers, File No. S7-09-09, investment advisers, investment advisors, market values of securities, net settlement procedures, sample sas 70 type II report, SAS 70, sas70.us.com, securities income

The SEC released a draft of proposed changes regarding “Custody of Funds or Securities of Clients by Investment Advisers” (File No. S7-09-09), calling for more oversight and controls over...

May 26, 2009  6:22 PM

PCI DSS Level 1 Compliance | Helpful Tips from a PCI QSA



Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Level 1 compliance, pci qsa, pciassessment.org, policies and procedures, requirement 12

Payment Card Industry Data Security Standards (PCI DSS) Level 1 compliance can be a very arduous, time-consuming and costly undertaking for any organization. However, there are a number of proactive steps that should be put in place for helping ensure an...


May 17, 2009  9:36 PM

PCI DSS Compliance | Understanding Requirement 1



Posted by: Charles Denyer
charles denyer, CIS, e-commerce, firewalls, internet access, Network Diagrams, NIST, payment card industry data security standards (PCI DSS), Requirement 1: Install and maintain a firewall configuration to protect cardholder data, routers, rule sets, SANS, untrusted networks, wireless networks

PCI DSS Compliance is growing at an astonishing rate for merchants and service providers throughout the country and the globe. Let's take some time to distill each of the twelve (12) core Payment Card Industry Data...



May 13, 2009  7:44 PM

SAS 70 Audits for Data Centers | It’s a “SaaS”y Environment



Posted by: Charles Denyer
charles denyer, colocation, Compliance, data centers, managed services, sas 70 and SaaS, Software as a Service, SOX

SAS 70 audits are being performed at a record pace these days on data centers, managed service providers and co-location entities. The big question is why? Well, there are many general answers that we all hear, such as "Oh, it's just today's compliance...


May 10, 2009  2:59 PM

COSO | SAS 55 | SAS 70 | SAS 78 | Understanding the Relationship



Posted by: Charles Denyer
aicpa, american institute of certified public accountants, charles denyer, coso, internal controls, sas 55, SAS 70, SAS 70 Type I, sas 78, The Committee of Sponsoring Organizations of the Treadway Commission, type ii audit

COSO is a widely used and accepted internal control framework in today's growing corporate governance initiatives. It's also heavily found in Statement on Auditing Standards No. 70 (SAS 70) audits. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework essentially...


May 9, 2009  9:49 PM

PCI DSS Self Assessment Questionnaire | Easier Said Than Done



Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Self Assessment Questionnaire, pciassessment.org, qualified security assessor

PCI DSS Self Assessment questionnaires are used for the large and growing number of merchants who must comply with the Payment Card Industry Data Security Standards (PCI DSS). In short, compliance can be obtained by conducting a "Self Assessment". What's important to note, however, is that there...


May 8, 2009  11:47 AM

SAS 70 Audit and Compliance Tips for Data Centers



Posted by: Charles Denyer
charles denyer, co-location, Compliance, cpa firm, data center, data center physical security, sas 70 audit

Learn more about SAS 70 audits for data centers by reviewing the step by step SAS 70 audit process. From beginning to end, a number of steps, activities, and deliverables must be undertaken for ensuring the audit is successful. From the...


May 4, 2009  4:20 PM

SAS 70 Certification | Expert Advice on Type I and Type II SAS 70 Audits



Posted by: Charles Denyer
audit scope, charles denyer, sample sas 70 type II report, sas 70 certification, sas 70 compliant, SAS 70 Type I, type II

SAS 70 Certification is everywhere these days, or so it seems. From small start-up organizations to large multi-national corporations, many people have been hit by the SAS 70 bug. What's also interesting to note are the vast differences you can see when...


April 30, 2009  3:13 PM

SAS 70 Compliance | A Step by Step Processes for SAS 70 Type I and Type II Audits



Posted by: Charles Denyer
charles denyer, sas 70 compliance, sas 70 readiness assessment, SAS 70 Type I, sas70 services, sas70.us.com, type ii audit

SAS 70 compliance is a multi-phased, process based methodology that is undertaken by organizations seeking to become SAS 70 Type I or Type II compliant. As a SAS 70 auditor, I’m often asked what the SAS 70 audit process is, how long it...


April 27, 2009  11:18 AM

Virtualization and Cloud Computing | How and Why Auditing WILL change



Posted by: Charles Denyer
charles denyer, cloud, cloud computing, pci audits, SAS 70, Virtualization

The whole new wave of I.T. spreading through businesses today is that of virtualization, cloud computing, the "cloud", or any other similar and broad based terms or themes. Many people have hailed this new concept for obvious reasons, such as the reduction of overall hardware gear and space taken...

