Security

Regulatory Compliance - SOX, HIPAA, GLBA, SCADA, PCI

Our industry and government regulation compliance services include Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA, PCI and SCADA. The regulatory compliance services provide a thorough gap analysis of your current security state and compare it to best practices. We design and implement solutions that close those gaps to ensure ongoing regulatory compliance, and we provide reporting options that help you reliably and accurately report on the integrity of your data.
 

201CMR17 - Massachusetts Data and Privacy Regulation
SOX - Sarbanes Oxley
GLBA - Gramm Leach Bliley Act
HIPAA - Health Insurance Portability and Accountability Act
SCADA - Supervisory Control & Data Acquisition
PCI - Payment Card Industry
BASEL - Recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision.


Regulations - SOX, GLBA, HIPAA, SCADA, PCI, BASEL
Governance Framework - COSO, CoCo, Turnbull, and so forth
Control Objectives - COBIT, ITIL, and so forth
Controls - ISO 17799, ISO 13335, NIST 800-53

Payment Card Industry compliance testing and remediation - The Payment Card Industry Data Security Standard (PCI DSS) applies to every company that processes credit card information. On January 12, 2006, Visa announced that it will pay $20 million in incentives to all acquiring banks whose merchants achieve PCI compliance by the end of August. While the incentives will provide further protection of cardholder data, they require the merchants to comply with PCI DSS requirements. Achieving PCI compliance can be a complex process, and for many businesses it requires a specialized third-party auditor. Many businesses, now obligated to comply with the PCI standard, remain confused about where to begin. The stakes are high, considering that the credit card companies and acquirer banks will take away the ability to process credit card transactions until the PCI audit is passed. While many businesses might appreciate a knowledgeable security advocate to help them achieve PCI compliance, merchant Level 1 businesses are required to use a Qualified Data Security Company (QDSC) to complete a Report on Compliance (ROC).

Managed Security Services