PCI compliance: Where does AOC, ROC and SAQ stand for?
Often times we hear terms that are thrown around like PCI SAQ, AOC and PCI Report on Compliance (ROC). Are you often struggling to understand the difference between these concepts and if/when you’re required to complete them? The good news is that you’re not alone and...
Have you yet successfully implemented the new PCI DSS requirements 3.2?
January 31, 2018 marked the date that all new requirements introduced in PCI DSS version 3.2 must be adopted by organizations and included in their PCI DSS assessment. Be aware that a minor revision to this version is already planned for mid-2018, which comes into...
Information Security Policy: 5 Common Mistakes Organizations Make
Regardless of the size of your business or the industry you are in, an information security program is a critical document for any organization. A good information security program consists of a comprehensive set of information security policies and procedures. Having...
Checklist GDPR: 5 things you should have in place before May 25th 2018
In a few days, the European Union (EU) will begin enforcing the most stringent regulations to date on how EU citizens' personal data is lawfully collected, processed and stored. The General Data Protection Regulation (GDPR) is a sweeping data protection law that not...
Understanding the Self-Assessment Questionnaires (SAQs) for PCI-DSS
The Self-Assessment Questionnaires (SAQs) are validation tools designed to help merchants and service providers report on the results of their compliance with PCI DSS. It can be used by eligible organizations who self-assess their PCI DSS compliance, and who are not...
Which Security Maturity Level Does Your Company Have?
Many security investments are driven by regulatory and industry standards compliance requirements, but that often leads to a reactive security approach, leaving gaps that can be easily exploited. We believe an end-to-end stance is required that covers processes from...