Free and low-cost tools for PCI DSS Compliance
December, 2013, Steven Weil, Senior Security Auditor
Complying with the PCI DSS requires policies and processes, plus the implementation and management of a variety of software tools. As a QSA who has performed many PCI assessments for merchants and service providers, I’ve seen and assessed a variety of free and low-cost (under $200) software tools that help our customers comply with PCI DSS.
A Proven Strategy for Implementing Vendor Management Programs
December, 2013, Andrew Hicks, Managing Principal, Coalfire
Every regulated industry includes a requirement for managing third-party risk. Some industries are further along the path and have more mature processes than others. However, there are tried-and-true methodologies and standards established by those early movers that we can utilize across other regulated industries.