Blog

Filed In: ISO 27001, SOC 1/2, GDPR and Privacy, PCI DSS, Risk and Compliance

Information Technology Policies and Procedures: Are We Ready for Our Audit?

Written By: Keith Parkman

November 09, 2018

Views: 149

Every company should have documented Information Technology policies and procedures to prepare them for regulatory requirements. However most organizations, particularly startup companies, do not have the time or expertise in drafting these very important documents.

Filed In: PCI DSS, Risk and Compliance

PCI Time-Based Requirements as a Starting Point for Business-As-Usual Process Monitoring

Written By: Chip Ross

February 01, 2018

Views: 881

In the Verizon Payment Security Report published August 31, 2017, there was an alarming statistic: 44.6% of companies fall out of DSS Compliance within nine months of validation.

Filed In: PCI DSS, Risk and Compliance

2018 Brings Significant PCI DSS Changes: Here’s Your Cheat Sheet for Compliance

Written By: Tony Fulda

November 13, 2017

Views: 2006

2018 is right around the corner, and that means there are some key deadlines approaching that could impact your organization’s PCI DSS compliance status.

Filed In: PCI DSS, Risk and Compliance

Payment Aggregation

Written By: Chip Ross

November 15, 2016

Views: 1527

Payment aggregation is relatively new in the PCI world, and hasn’t had much exposure to the QSA community. You may have run across some entities telling prospects and clients they have no PCI obligations for any transactions undertaken using their products.