PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities

by Randy Bartels / February 7, 2023

What is PCI Requirement 6.1? PCI Requirement 6.1 states, “Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information, and assign a risk ranking to newly discovered security vulnerabilities.” The purpose of PCI Requirement 6.1 is to ensure that your organization is up to date with new security vulnerabilities that could impact your environment. Assessors will look to see that you have a formal, established…

PCI Requirement 6 – Develop and Maintain Secure Systems and Applications

by Randy Bartels / February 7, 2023

PCI Requirement 6 pairs with PCI Requirement 5 to satisfy vulnerability management program expectations. PCI Requirement 6 states, “Develop and maintain secure systems and applications.” The purpose of this requirement is to build a process for securely managing the software within your environment. Develop and Maintain Secure Systems and Applications in Your Environment PCI Requirement 6 helps your organization develop and maintain secure systems and applications. Attackers often use security…

What is Risk Management?

by Sarah Harvey / April 12, 2023

Why is Risk Management Important to Business? Humans are constantly considering risk, even when we don’t realize it. Risk management is our response to the possibility of suffering harm or something going wrong…and things go wrong all the time! Car accidents, stolen wallets, unexpected bad weather, burnt dinners. The list could go on and on. We are programmed to manage risk. So, how does risk management translate into business? We…

Will I Pass a SOC 1 Audit? What if I Fail The Audit? Reasonable Assurance Explained

by Joseph Kirkpatrick / February 7, 2023

Organizations put valuable resources into completing SOC 1 audits: time, money, people, technology, and more. We know that oftentimes, a SOC 1 audit can make it or break it for our clients’ business, and we don’t take that lightly. When someone asks us, “Will I pass a SOC 1 audit? What if I fail the audit? What happens if I fail?”, we want to give them the best explanation…

Do I need a SOC 1 Type I or a SOC 1 Type II Report?

by Joseph Kirkpatrick / February 7, 2023

When considering having a SOC 1 audit performed, there are two different report options available. Knowing whether you need a SOC 1 Type I or a SOC 1 Type II report will depend on your client's needs and timing constraints. What’s the difference between a SOC 1 Type I and a SOC 1 Type II report? A SOC 1 Type I and a SOC 1 Type II both report on…