What is an SSAE 18 (SOC 1) Type II Audit Report?

by Sarah Harvey / April 12, 2023

Harvest Strategy Group, Inc. recently completed its 5th annual SSAE 18 SOC I Type II audit in order to reinforce its industry leadership position in regulatory compliance through an extensive evaluation and audit of the internal controls and processes of its vendors and recovery partners. Headquartered in Denver, Colorado, Harvest Strategy Group, Inc. provides comprehensive accounts receivables management services to a variety of creditors, including banks, auto finance lenders, credit…

PCI Readiness Series: PCI Requirement 12

by KirkpatrickPrice / December 19, 2022

PCI Requirement 12: Maintaining an Information Security Policy When creating an information security policy, an organization must create a policy that addresses information security for all personnel. Let’s emphasize “all” – this policy is not just for the IT department but is for anyone that would/could be involved in some capacity with storing, processing, and transmitting cardholder data. PCI Requirement 12 helps oversee and govern an organization's PCI DSS compliance…

Road to HIPAA Compliance: Incident Response

by KirkpatrickPrice / December 19, 2022

Security, Incident, Response, Repeat There are several challenges when it comes to understanding security incidents and incident response. Our goal for this webinar is to answer several questions that occur while considering your organization’s incident response plan and creating policies and procedures to accompany your plan.  How would you define “security incident” for a practical, real-world setting? The regulatory definition of a “security incident” includes the access, use, disclosure,…

Overcoming Security Challenges at your Data Center

by Sarah Harvey / June 15, 2023

Information security has become a topic that is at the forefront of every business owner’s mind. With the influx of information stored in a data center, it’s becoming increasingly important that data centers take the right steps towards ensuring that they have the proper controls in place to provide secure and efficient services to their clients. Let's explore the challenges of data center security and look at ways we can…

PCI Readiness Series: PCI Requirement 11

by KirkpatrickPrice / December 19, 2022

PCI Requirement 11: Validating Your Security Program This session in our PCI Readiness series focuses on Requirement 11. This requirement requires regular monitoring and testing of security systems and processes, which validates an organization’s risk/threat management program and determines if it’s functioning correctly. To successfully validate your system, scans should validate your risk identification and risk ranking program. Internal scan results should be used to address risk through your risk…