To meet the evolving and complex needs of payment security, the PCI Security Council, a global payment security forum, announced on March 31 it has published its version 4.0 of the PCI Data Security Standard (PCI DSS). PCI DSS provides a baseline of technical and...
Some organizations consider compliance audits a cost of doing business: resource-intensive and time-consuming, but a necessary step toward securing a new contract or maintaining an existing agreement. However, this view doesn’t take into account the full impact of a...
Compliance audits require a significant amount of documentation. Whether you’re working toward a SOC report, a HITRUST certification, a PCI Report on Compliance, or any other security initiative, you will need to provide your auditor with formal evidence that your...
Key objectives of the PCI DSS 4.0 update: Continue to provide the critical foundation for securing payment data Promote security as an ongoing process Improve flexibility for organizations using a wide range of technologies Enhance validation methods and procedures...
If a customer (or prospect) has asked you to provide a System and Organizational Controls (SOC) report, you have a valuable opportunity to communicate important information about your risk management and compliance program. In most cases, these organizations are...
