Tag Archive: PCI DSS

Security and Compliance: Steps to Activate Your Wonder Twin Powers

Written by - January 24, 2018

Security and compliance are the Wonder Twins of information security, needing each other for their powers to activate and protect you from threats.

Out of Order: 5 Compliance Projects Gone Terribly Wrong

Written by - May 26, 2017

No one wants to admit that compliance can go horribly wrong, but it does happen. If you’re worried about how to handle a problem, Reciprocity’s seasoned GRC experts can assure you they’ve seen it all. In this webinar, Matt Kelly, Editor of Radical Compliance, talks with our own Aaron Kraus, Dave Schmoeller, and Dave Driggers as they share their stories of implementing compliance projects, how projects can detour, and what compliance executives should focus on during GRC implementation.

Aaron Kraus, Reciprocity’s director of GRC security, has consulted in every field necessary, including government, financial services, and healthcare, in a variety of roles including designing, implementing, and auditing. He’s also experienced in teaching CISSP exam preparation, Mac OSX,…

Infosec Standards and Regulations: A Primer Sorting Compliance By Hogwarts House

Written by - May 23, 2017

Sorting infosec standards and regulations into Hogwarts houses seems silly, but it helps organize the way we think of them.

Understanding SOX Requirements & The Sarbanes-Oxley Act

Written by - April 27, 2017

The Sarbanes-Oxley Act of 2002 (SOX), named after Paul Sarbanes and Michael Oxley, is a law that implements regulations on publicly traded companies. In 2002, the US Congress passed the Sarbanes-Oxley Act (SOX) after a series of public scandals by large corporations such as Enron Corporation, Tyco International PLC, and WorldCom that led to a stock market plummet only a few months before the 2002 elections. The legislation intended to quell public fears of corporate misconduct and to require greater accountability by management and Boards of Directors when reporting financial data. However, Sarbanes-Oxley turned into a larger and more complex piece of legislation than originally planned.

The Major Provisions of Sarbanes-Oxley

The Sarbanes-Oxley Act of 2002 presented five main provisions. First, it created…

Compliance Automation and its Benefits for Reporting

Written by - April 10, 2017

What keeps compliance professionals up at night? Is it stressful stakeholder meetings, keeping abreast of the latest changes in the world of compliance regulation, or reporting bad news to the stakeholders within their organizations? Those are certainly angst-inspiring. For most, though, there’s always the nagging worry in the back of your mind that, despite your best efforts, you’ll misreport an issue, or not report it completely or accurately. Imagine – a week after you deliver your opinion on a process, new data emerges or, worse – old, forgotten data resurfaces from some cluttered corner of someone’s inbox or desktop file.

The Need for Compliance Information – Right Here, Right Now

The reality is that the challenges of compliance management require…