PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities

by Randy Bartels / February 7, 2023

What is PCI Requirement 6.1? PCI Requirement 6.1 states, “Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information, and assign a risk ranking to newly discovered security vulnerabilities.” The purpose of PCI Requirement 6.1 is to ensure that your organization is up to date with new security vulnerabilities that could impact your environment. Assessors will look to see that you have a formal, established…

PCI Requirement 6 – Develop and Maintain Secure Systems and Applications

by Randy Bartels / February 7, 2023

PCI Requirement 6 pairs with PCI Requirement 5 to satisfy vulnerability management program expectations. PCI Requirement 6 states, “Develop and maintain secure systems and applications.” The purpose of this requirement is to build a process for securely managing the software within your environment.

Develop and Maintain Secure Systems and Applications in Your Environment

PCI Requirement 6 helps your organization develop and maintain secure systems and applications. Attackers often use security…

What is Risk Management?

by Sarah Harvey / April 12, 2023

Why is Risk Management Important to Business? Humans are constantly considering risk, even when we don’t realize it. Risk management is our response to the possibility of suffering harm or something going wrong…and things go wrong all the time! Car accidents, stolen wallets, unexpected bad weather, burnt dinners. The list could go on and on. We are programmed to manage risk. So, how does risk management translate into business? We…

3 Reasons to Stop Hesitating and Complete Your SOC 1 Audit

by Sarah Harvey / December 19, 2022

With the compliance landscape rapidly changing, it’s important to stay up-to-date with current standards to gain trust and respect from your clients. If you’ve been considering getting a SOC 1 audit, but keep putting it off, what are you waiting for? Here are three reasons to stop hesitating and start your SOC 1 audit today.

1. Gain a Competitive Advantage

Completing a SOC 1 audit allows you to pursue clients…

How to Prepare for Phase 2 HIPAA Compliance Audits

by Sarah Harvey / February 7, 2023

The U.S. Department of Health and Human Services Office for Civil Rights announced on March 21, 2016, that Phase 2 of the HIPAA audits has officially begun. Now, more than a year later, 200 desk audits have occurred, but covered entities and business associates are still struggling to know what to focus on and in which areas they are lacking safeguards. In this webinar hosted by LockPath, Joseph Kirkpatrick shares his…