Compliance
The Post-Audit Slump and What You Can Do About It
Coming from several large corporations that needed to attest to PCI DSS compliance annually, as well as being a QSA in a few former lives, I’ve seen my fair share of the post-audit slump. You know what I’m talking about; it’s the, “Wow! We completed our audit! Let’s take the next 11 months off to …
The Post-Audit Slump and What You Can Do About It Read More »
QSA’s are friendly… As long as you pick the right one… (Part 2)
QSA Partner. Continuation from Part 1… Selecting a QSA partner Back to the joys of selecting a QSA partner! I know when I contact them they are all going to want to know a lot of details about my business, including technical configurations. This is because of a PCI audit like many other audit frameworks …
QSA’s are friendly… As long as you pick the right one… (Part 2) Read More »
NIST 800-171 requirements for contractors
Meeting NIST Requirements while using SaaS Software. December 31, 2017, Organizations who process, store, and transmit Controlled Unclassified Information (CUI) need to comply with NIST Special Publication 800-171. The question organizations need to consider is what does it mean for their SaaS Applications? How do you do it in the “bring your own cloud,” (BYOC) world we live in? I …