Regulatory Compliance, Governance and Security:

requirement 12


May 31, 2009  3:33 PM

Policies and Procedures | SAS 70 | PCI DSS | An Auditor’s Viewpoint

Posted by: Charles Denyer
Add new tag, change management, charles denyer, Maintain an Information Security Policy, PCI DSS, policies and procedures, requirement 12, SAS 70 Type I, sas 70 type ii

Policies and Procedures - it's such a common theme and phrase in today's regulatory compliance and governance arena, so much so, I think it should have its own Wikipedia page. It can be an arduous undertaking in developing these documents. Furthermore, policies and procedures are becoming...

May 26, 2009  6:22 PM

PCI DSS Level 1 Compliance | Helpful Tips from a PCI QSA

Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Level 1 compliance, pci qsa, policies and procedures, requirement 12

Payment Card Industry Data Security Standards (PCI DSS) Level 1 compliance can be a very arduous, time-consuming and costly undertaking for any organization. However, there are a number of proactive steps that should be put in place for helping ensure an...

March 24, 2009  11:49 PM

What is Required for PCI Assessment? | PCI DSS Q and A

Posted by: Charles Denyer
Build and Maintain a Secure Network, charles denyer, Implement Strong Access Control Measures, Maintain an Information Security Policy, PCI DSS, Protect Cardholder Data, qualified security assessor (QSA), Regularly Monitor and Test Networks, requirement 12, What is Required for PCI Assessment?

What is required for PCI assessment compliance? This is a question I'm often asked, especially by organizations that need to comply with Level 1 of the PCI DSS standards, which is an on-site assessment conducted by a Qualified Security Assessor (QSA), such as myself. Well,

