Compass IT Compliance Blog / Compliance (13)

A Closer Look at PCI DSS v4.0 Vulnerability Scanning Requirements

The Payment Card Industry Data Security Standard (PCI DSS) requires vulnerability scanning of any organization’s network assets. Quarterly network scans are required of all companies to be conducted by a certified third-party Approved Scanning Vendors (ASV) or Qualified Security Asses …

Self-Assessment Questionnaire (SAQ) A Changes in PCI DSS v4.0

With the recent updates to the Payment Card Industry Data Security Standard (PCI DSS) requirements, many organizations that are currently PCI compliant in accordance with version 3.2.1 may become noncompliant with version 4.0.

Using the HECVAT to Measure Vendor Risk

Not a day goes by without a conversation about third-party risk management. Our clients are being bombarded in all directions; asked by regulators, auditors, their clients, and customers alike to complete third-party risk assessments (SIG, CAIQ, HECVAT).

PCI DSS v4.0 ROC Changes – Coming Now to an Organization Near You!

The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 is here! It has been released, the documents are available publicly for anyone who would like to read them, and forms for both the 900-pound level 1 Report on Compliance (ROC) and the Self-Assessment Questionnaires …

Ignorance Is Not Bliss When It Comes to Security Assessments

It is no surprise that bad actors constantly seek to take advantage of current events and changing circumstances to exploit vulnerabilities and gaps in the security of organizations across a myriad of industry verticals and sizes.

PCI DSS v4.0 Released – What Changes Were Made?

On January 1st, 2019, the Payment Card Industry Data Security Standard (PCI DSS) v3.2.1 came into effect replacing v3.2 which had been in place since October 31st, 2016. Many changes have occurred since January of 2019, one of which being the worldwide shut down in the first half of 2 …
