PCI DSS: Updated Penetration Testing Requirements – Frequently Asked Questions
Is your organization prepared for the upcoming PCI DSS requirement going into effect? To prepare your organization for this change, our team has assembled an FAQ to address any of your potential...
PCI DSS v3.2 and the Penetration Testing Requirements for Service Providers
In April 2016, the Payment Card Industry Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 3.2. With the updates came clarification to requirements, additional...
Outline of Guidance for PCI DSS Scoping and Network Segmentation
To clarify scoping and network segmentation principles in PCI DSS, the PCI SSC has released additional guidance to help organizations identify what systems are considered in scope for...
How A-LIGN Helped Cloudreach Become PCI DSS Compliant
It is essential for any organization that processes, stores or transmits credit card data to be compliant with the Payment Card Industry Data Security Standard (PCI DSS)—and as the world’s largest...
Understanding PCI DSS Requirement 6.4.6
How do significant changes affect PCI DSS? PCI DSS 6.4.6 is a requirement that organizations use to ensure that appropriate controls have been reviewed and implemented. PCI DSS Requirement 6.4.6...
The New Normal: Fully-Enabled Remote Audits
The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote...
Mind the Gap: How to Change Auditors without Impacting Compliance
Increasingly, organizations are realizing that a strategic compliance program increases operational efficiencies by replacing ad hoc and transactional audits with a more thoughtful approach. And as...
4 Miscellaneous HITRUST Regulatory Factors to Consider
Over the last few blogs, we have provided a comprehensive overview of the HITRUST landscape, from the authoritative sources at its core, to the optional regulations, or regulatory factors, that are...
Set Reminders and Stay On Track with this PCI DSS Timeline
Many organizations struggle to keep up with PCI compliance. We walk through three key areas and share a resource with over 57 requirements to check off and the related timeframes prescribed by the...
How HITRUST Certification Can Satisfy Your SOC 2, ISO 27001, and FedRAMP...
The HITRUST CSF pulls from many major pre-existing frameworks to provide a complete, certifiable security standard. Learn about the many different cybersecurity frameworks that can be incorporated...