New & Notable
Audit and compliance planning News
February 10, 2015
Visa and MasterCard are putting pressure on merchants to implement Chip and PIN technology, and while it will improve transaction security, it won't make PCI compliance any easier.
April 19, 2012
In a session at the SOURCE Boston conference, a PCI assessor and a CISO explain that there are ways to arrive at a report on compliance they can both appreciate.
June 03, 2010
FinCEN penalty against Pamrapo Savings Bank comes two months after the bank pleaded guilty to conspiracy to violate the Bank Secrecy Act.
January 26, 2010
Experts share lessons learned by midmarket companies trying to comply with PCI DSS in areas such as self assessment questionnaires, encryption, policy creation and application security
Audit and compliance planning Get Started
Bring yourself up to speed with our introductory content
In 2007, Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, kicked off a PCI project aimed at addressing any credit card exposures. Continue Reading
Evaluate Audit and compliance planning Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
It's time to fill out the PCI DSS questionnaire, but management has said that it's no big deal, there's no need to provide accompanying documentation. But what will happen when an auditor comes knocking? Security management expert Mike Rothman ... Continue Reading
Manage Audit and compliance planning
Learn to apply best practices and optimize your operations.
As companies create their security management plan for the coming year, they should look to upgrades in Linux and Windows operating systems, Adobe applications and Internet browsers to improve their overall security position. Continue Reading
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Continue Reading
The first PCI focus area requires a set of documented configuration standards, perimeter and endpoint protection. Continue Reading
Problem Solve Audit and compliance planning Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience. Continue Reading
PCI DSS 2.0, which debuts this month, includes key changes for SMBs in the areas of virtualization and vulnerability assessments. Expert Mike Chapple details the changes and explains what midmarket firms must do to comply. Continue Reading
When it became difficult for everyone to keep up with internal audit obligations, Diane Kissel, IS risk and compliance manager at the facility, helped create a compliance program. Continue Reading