Compass IT Compliance Blog

The Case for the PCI ROC: When to Perform One Over an SAQ

The Case for the PCI ROC: When to Perform One Over an SAQ

PCI Compliance can be a challenging initiative to take on, especially if this is a new process for your organization. Depending on the level of merchant or service provider you fall under determines the requirements you must complete to become PCI Compliant. This will either take form …

Read Story

FFIEC Guidance: Significant Changes to the Management Booklet

FFIEC Guidance: Significant Changes to the Management Booklet

On November 10th, the Federal Financial Institutions Examination Council (FFIEC) issued a revised Management booklet which is a part of the IT Examination Handbook. This is considered a major revision of the booklet and the first one to take place since 2004. As just a quick overview, …

Read Story

The Top 5 Reasons You Should Have a Vendor Management Program

The Top 5 Reasons You Should Have a Vendor Management Program

Last week we talked about what Vendor Management is and really why you should care about it for your organization. This week we are going to outline the top 5 reasons, in no particular order, of why your organization needs to have a Vendor Management Program implemented and that makes …

Read Story

What is a Vendor Management Program and Why Should You Care?

What is a Vendor Management Program and Why Should You Care?

Vendor Management is a term that is thrown around all the time, but what does it really mean? If we look at it on the surface, it is a method for managing your vendors and third party service providers. That's a little obvious of course, but let's look at the definition of Vendor Mana …

Read Story

Subscribe by email