Tag Archive: audit

Preparing for an ISO 27001 and 27002 Audit

Written by
Preparing for an ISO 27001 and 27002 Audit

Preparing for an ISO 27001 and 27002 Audit Getting your certification for ISO 27001 is a complex and time-consuming endeavor. But for many organizations, it’s worth the effort. That’s because ISO 27001 is the international standard for Information Security Management System (ISMS). Being able to say you’re “ISO 27001 certified” tells stakeholders that your organization is serious about protecting the security and privacy of their information. Stakeholders include your current and future clients, business partners, suppliers, and customers. In this day and age, that’s no small claim. And in fact, ISO 27001 certification is a must for many enterprises that do business with you. Mere ISO 27001 compliance isn’t always enough. To become certified as ISO compliant, you must pass…

Tags: , , ,
Categorized in:

Understanding the PCI Levels of Compliance

Written by

Understanding the PCI Levels of Compliance While every merchant and service provider that processes, stores, or transmits credit card data must comply with the Payment Card Industry Data Security Standard (PCI DSS), not all must travel the same path to PCI compliance. The amount of risk an organization faces depends on a variety of factors. Recognizing these differences, the PCI Security Standards Council developed four compliance levels for merchants and two for service providers. The level an enterprise belongs depends upon:     How many credit card transactions it processes in a year, and      Whether it has suffered a breach or cyberattack resulting in compromise of credit card or cardholder data. The entities with the most stringent and…

Tags: , ,
Categorized in:

Here’s Why Regulatory Compliance Is Important

Written by
COSO and COBIT 5

The phrase regulatory compliance comes with the onomatopoetic groaning sound made by most people involved in it. Despite what many consider the drudgery of rules and pedantic details, regulatory compliance offers several benefits for companies. Why Regulatory Compliance is an Important Part of Business Today Any compliance officer will tell you that financial safety is the first benefit associated with regulatory compliance. Regulatory noncompliance costs organizations steep penalties. More importantly for the c-suite, regulatory compliance provides guidance that helps businesses succeed.  Compliance law evolved to help create parity in the marketplace while offering consumers a sense of security. Enterprises need compliance to prosper ethically. Often, however, regulatory requirements feel like a quagmire dragging down profitability. Easing compliance management burdens with…