508 Compliance, AS/400 compliance, Audit and compliance, Auditing (compliance), Business Intelligence for Compliance, Check for License Compliance, Compliance Assessment, Compliance checklist, compliance management, Compliance mapping, Compliance process, Compliance products, Dodd-Frank, E-discovery, EU directive 95/46, Financial industry, Financial regulations, Governance, Governance Risk and Compliance, grc, GRC program, GRC software, HIPAA Compliance, HIPAA regulations, HIPPA Compliance, Information security governance, IT Compliance, IT Governance, Laws, Lawsuits, PCI, PCI compliance, PCI Compliance and Acquisitions, PCI DSS compliance, Privacy rights, Project governance, Regulations, regulatory compliance, Risk mitigation, Sarbanes-Oxley, Sarbanes-Oxley Act, SEC Compliance, Security compliance, SOX, SOX 404, SOX checklist, SOX compliance, standards, Virtualization compliance, windows 7 compliance VIEW ALL TAGS
Requirement 1.4(b) asks if personal firewall software is not alterable by employee-owned computer users. If we allow employees to alter their personal firewall software settings, what other compensating controls could we implement in order to meet satisfy the objective of this requirement?
How does one become credited to do audits for PCI compliance .. what are the steps to be followed .. Does anyone know or understand the cost .. IS it a comp-any or an individual that gets a certificated or both ? what if the employees leaves does the company stay certified ?
We are thinking of acquiring a company which has a product which is not pci compliant. We are PCI-Compliant and want to Legally Segment the company so we can pass next years audit while we work to bring the other division into pci compliance. Would setting up a Holding company with two divsions...