Regulatory Compliance, Governance and Security:



December 30, 2008  2:19 PM

SAS 70 Type II Audits | Become SAS 70 Compliant in a Cost Effective Manner



Posted by: Charles Denyer
Auditing, audits, SAS 70, sas 70 audit report, SAS 70 overview presentation, SAS 70 readiness questionnaire, SAS 70 Type I, sas 70 type ii, sas70, sas70 pricing, sas70 readiness assessment questionnaires

If your organization is seeking to become SAS 70 Type I or SAS 70 Type II compliant for 2009, then it's time to roll up your sleeves and learn all you can about what a SAS 70 audit actually is, along with many of its inner workings. And why? Knowledge is power. The more information you have about...

December 30, 2008  2:08 PM

PCI Payment Card Industry Compliance | PCI DSS | Important Tips



Posted by: Charles Denyer
payment card industry, payment card industry data security standards, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa, pci dss requirement 1.1.1, pci dss requirement 1.1.2

Is your organization seeking to become Payment Card Industry (PCI) Data Security Standards (DSS) compliant for 2009? Are you a merchant or service provider that is directly involved in the processing, storage, or transmission of transaction data or cardholder data? If you answered yes to these...


November 29, 2008  5:30 PM

SAS 70 Type II Audits | An Auditor’s Expert Opinion on Pricing



Posted by: Charles Denyer
Compliance, SAS 70, sas 70 audit report, sas 70 control objectives, SAS 70 readiness questionnaire, SAS 70 Type I, sas 70 type ii, sas70, sas70 pricing, sas70 readiness assessment questionnaires, sas70 sample reports

People often ask me what the price of a SAS 70 Type I or SAS 70 Type II audit is. My response? That depends, I say, on many, many factors. Here is what needs to be understood when considering pricing factors for SAS 70 Type I and Type II audits: 1. The CPA...


November 28, 2008  10:43 PM

SAS 70 Audit Reports | Start with a SAS 70 Readiness Assessment



Posted by: Charles Denyer
audits, SAS 70, sas 70 audit report, sas 70 control objectives, SAS 70 readiness questionnaire, sas 70 sample report, SAS 70 Type I, sas 70 type ii, sas70, sas70 readiness assessment questionnaires

Successful completion of SAS 70 Type I or SAS 70 Type II audit reports should start with undertaking a SAS 70 Readiness Assessment. A readiness assessment is an important part of the audit process in that it helps identify weaknesses, gaps, and deficiencies within your organization's control...


November 23, 2008  7:46 PM

SAS 70 Type II Audit Reports | Why SAS 70 is Here to Stay



Posted by: Charles Denyer
GLBA, HIPAA, regulatory compliance, Sarbanes-Oxley, SAS 70, sas 70 audit report, sas 70 control objectives, sas 70 type ii, sas70, section 404 sox, SOX, What is SAS 70?

We live in a world of heightened regulatory compliance and corporate governance. From the passage of the 2002 Sarbanes-Oxley Act to numerous other pieces of legislation (HIPAA, GLBA, just to name a few), "comply, comply, comply" is the new mantra being pushed throughout organizations and at all...


November 23, 2008  7:24 PM

Payment Card Industry (PCI DSS) Compliance | Requirement 1.1.2



Posted by: Charles Denyer
payment card industry, payment card industry data security standards, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa, pci dss requirement 1.1.2, policies and procedures, qsa, regulatory compliance, SAS 70, sas 70 audit report

Payment Card Industry (PCI) Data Security Standards (DSS) compliance for PCI DSS requirement 1.1.2 calls for "Current network diagram with all connections to cardholder data, including any wireless networks". Thus, testing for validating...


November 23, 2008  7:14 PM

Payment Card Industry (PCI DSS) Compliance | Requirement 1.1.1



Posted by: Charles Denyer
payment card industry, payment card industry data security standards, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa, pci dss requirement 1.1.1, policies and procedures, qsa

PCI DSS Requirement 1.1.1 calls for "A formal process for approving and testing all network connections and changes to the firewall and router configurations". Thus, the test to validate this, in accordance with PCI DSS 1.2 standards, is to...


November 23, 2008  7:03 PM

Payment Card Industry (PCI DSS) Compliance | Requirement 1.1



Posted by: Charles Denyer
configurations, firewalls, payment card industry, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa, ports, qsa, regulatory compliance, requirement 1.0, requirement 1.1

Payment Card Industry (PCI) Data Security Standards (DSS) for Requirement 1.1 require organizations to "Establish firewall and router configuration standards". This requirement falls under the functional area of the overall Requirement...


November 13, 2008  3:28 AM

PCI DSS Readiness Assessment for Payment Card Industry Compliance



Posted by: Charles Denyer
merchants, payment card industry, payment card industry data security standards, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa, service providers

Are you a merchant or service provider that needs to be Payment Card Industry Data Security Standards (PCI DSS) compliant? Are you an entity directly involved in the processing, storage, or transmission of transaction data or cardholder data? If so, then read on because one of the most important...


November 13, 2008  2:53 AM

Minnesota (MN) Plastic Card Security Act | Payment Card Industry (PCI DSS) Compliance



Posted by: Charles Denyer
Minnesota (MN) Plastic Card Security Act, payment card industry, payment card industry data security standards, PCI, pci assessment, pci compliance, PCI DSS, pci dss qsa

The state of Minnesota recently codified part of the Payment Card Industry (PCI) Data Security Standards (DSS) framework into actual law. Thus, Minnesota has essentially become the first state...