IT GRC, The Story - How do you do it? - Part 1
September 21, 2011 | POSTED BY TOMMY THOMPSON IN IT GRC
I was recently discussing IT GRC program implementation with the CIO of a growing, mid-sized software company when he presented the question, "But HOW do you do it? I mean, how do you get employees to follow the rules in a GRC program?" My response to...
Getting the most value from your next penetration test
September 21, 2011 | POSTED BY MICHAEL OGLESBY IN SECURITY, COMPLIANCE
We here at True Digital Security conduct quite a lot of engagements around penetration testing, or "Pen-Tests". Usually this testing is driven by compliance requirements like the Payment Card Industry (PCI) DSS or security audit requests from potential ne...
When are merchants required to use a PA-DSS validated POS (point-of-sale) application?
September 21, 2011 | POSTED BY MICHAEL OGLESBY IN COMPLIANCE, PCI
In True's experience as a QSA advising merchants with PCI compliance, one point of confusion seems to always surface - when are merchants required to use a Payment Application Data Security Standard (PA-DSS) validated POS application?
First, it is impo...