Regulatory Compliance, Governance and Security:

sas70


August 23, 2009  4:39 PM

GLBA, HIPAA, SAS 70, PCI DSS | what is next for Compliance?



Posted by: Charles Denyer
charles denyer, GLBA, HIPAA, payment card industry data security standards, PCI DSS, SAS 70, sas70, The Minnesota Plastic Card Security Act

The trend of late has been Payment Card Industry (PCI) Data Security Standards (DSS) compliance, along with a continued emphasis on the well known SAS 70 auditing standard. And occasionally, calls for GLBA and HIPAA compliance come calling also. As an...

August 3, 2009  7:25 PM

SAS 70 Audits and PCI DSS Assessments | What you NEED to Know



Posted by: Charles Denyer
merchants, payment card industry data security standards, PCI DSS, pci dsss level 1 assessments, SAS 70, sas70, service organizations, service providers, type i, type II

SAS 70 audits and PCI DSS Assessments are on everybody's radar screen today, or though it seems. Particularly, SAS 70 Type II Audits and Payment Card Industry Data Security Standards (PCI DSS) Level I assessments. And why? Because many service organizations, merchants, and service providers are...


July 6, 2009  3:20 PM

Sample SAS 70 Type II Audit Report | Learn about SAS 70 Audits



Posted by: Charles Denyer
charles denyer, cpa, pdf, sas 70 example report, sas 70 sample report, sas 70 type ii audit report, sas70, statment on auditing standards no. 70

Obtaining a Sample SAS 70 Type II Audit Report is simply the best way for service organizations to learn about Statement on Auditing Standards No. 70. This can be a highly complex audit process,...


June 20, 2009  3:20 AM

SAS 70



Posted by: Charles Denyer
charles denyer, control environment, general controls report, sarbanes oxley act of 2002, SAS 70 Type I, sas70, Statement on Auditing Standards No. 70, type II

Statement on Auditing Standards No. 70, simply known as SAS 70 to many, has had a profound impact on regulatory compliance since the passage of the Sarbanes Oxley Act in 2002. As a SAS 70 auditor for many years, i've been asked a broad and wide range of...


February 18, 2009  7:53 PM

PCI DSS and SAS 70 Audits | Audit Efficiencies? Maybe…just Maybe



Posted by: Charles Denyer
payment card industry data security standards (PCI DSS), PCI DSS, pci dss assessments, qsa, SAS 70, sas 70 audits, sas70

As a SAS 70 auditor and a PCI QSA, i'm often asked about the efficiencies of scale that can be achieved with SAS 70 audits and PCI DSS assessments. I have blogged about this a few times before, so let me be more clear and transparent in what i believe can actually be obtained in regards to audit...


February 8, 2009  2:59 PM

SAS 70 Audit Guide | Learn the Secrets to SAS 70 Audits



Posted by: Charles Denyer
sas 70 audit guide, sas 70 scoping and pricing, SAS 70 Type I, sas70

Need to learn about SAS 70 audits? Not too sure about what the audit actually entails in regards to scope, time, effort and financial considerations? Well, if your organization is seeking to become SAS 70 Type I or Type II compliant for 2009...


January 17, 2009  8:00 PM

Payment Card Compliance | PCI DSS | Tips on Passing your PCI DSS Assessment



Posted by: Charles Denyer
change mangement for pci dss, payment card industry data security standards, pci compliance, PCI DSS, sas 70 audits, sas70, two-factor authentication for pci dss

Regarding PCI DSS, as a PCI QSA i'm often asked what's the most difficult hurdle that organizations need to overcome for ensuring PCI DSS compliance. Well, we could talk at length about some of the technical, I.T. challenges, such as two-factor authentication, encryption (though not...


January 16, 2009  3:46 PM

SAS 70 Audits & Data Centers | Tips on Preparing for the Audit



Posted by: Charles Denyer
change management sas 70, co-locations, environmental security, incident management, incident management sas 70, managed services sas 70, payment card industry, PCI, PCI DSS, physical security, SAS 70, sas 70 data centers, sas70

Today's data centers and managed services providers are complex businesses, providing customers with a wide array of services. As such, SAS 70 audits have become the standard compliance audit for assessing internal controls for data centers and managed...


December 31, 2008  11:36 PM

SAS 70 Audit Reports | Learn About SAS 70 by Obtaining a Sample Report



Posted by: Charles Denyer
SAS 70, SAS 70 Type I, sas70, type ii audit

Many service organizations who have to undergo a SAS 70 Type I or Type II audit have never had the ability to see or read what a final report looks like after the audit has been completed. With this now available, service organizations can gain...


December 31, 2008  11:30 PM

SAS 70 Audits | Understanding PRICING for SAS 70 Engagements



Posted by: Charles Denyer
cpa firm, Sarbanes-Oxley, sas 70 audit, sas 70 type i type ii, sas70, SOX

SAS 70 Type I and Type II audits have become common for many organizations providing critical outsourcing services to companies. Known as service organizations, they have all landed on the regulatory radar of having to be SAS 70 compliant, due...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: