Regulatory Compliance, Governance and Security

Sep 28 2009   12:44AM GMT

PCI DSS | SAS 70 | Finding Resources to Learn about Compliance



PCI DSS and SAS 70 Type I and Type II audits are a mainstay in today’s regulatory arena. As such, I’m often asked what some of the best resources are for learning about the Payment Card Industry Data Security Standards (PCI DSS) initiative and the SAS 70 audit requirements.

pcisecuritystandards is the official site for PCI DSS compliance. It was put forth by the Payment Card Industry Security Standards Council, commonly known as the PCI SSC. The major payment brands have effectively endorsed the PCI DSS standards, so you can learn all you need to know about PCI DSS by visiting their site. The left column gives you quick links to all the important PCI DSS information. There are also some very helpful forums, such as pcianswers and pcidssguru. These sites are managed by industry veterans in the Payments Industry, and they give you unbiased, straight answers to any questions you may have.

SAS 70

The official AICPA website offers little in the way of education on SAS 70 audits. They do sell a book on SAS 70, but it is primarily geared towards auditors and is written in a technical manner. The other solution is to visit the Official SAS 70 Resource Guide, where you can watch training videos and learn all aspects of SAS 70 Type I and Type II audits.
