{tableName=glossary, name=PCI DSS, description=
PCI DSS (Payment Card Industry Data Security Standard) is an information security standard for organizations that handle credit card and debit card information. It was created by major credit card companies such as Visa, MasterCard, American Express, and Discover, to ensure that all merchants and service providers who accept, process, store, or transmit credit card information do so securely and protect customers’ data from theft and fraud. PCI DSS outlines twelve requirements for organizations to follow in order to protect cardholder data, including maintaining a secure network, protecting cardholder data, regularly monitoring and testing networks, and maintaining an information security policy. It also requires organizations to assign a unique ID to each person with computer access, restrict physical access to cardholder data, and regularly monitor and test networks. PCI DSS applies to all organizations that accept, process, store, or transmit credit card information, regardless of size or number of transactions. Compliance with PCI DSS is mandatory for any organization that handles credit card information, and failure to comply may result in fines, penalties, and loss of the ability to accept credit cards., topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1715624259698, path='pci-dss', name='
PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=
This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.
This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.
}', 15='{type=list, value=[{id=97620570502, name='PCI-DSS'}]}'}], hs_path=pci-dss}--
{tableName=guides, name=Managed Services Software: Streamlining Cyber GRC Processes, description=Managed Services Software streamlines cyber governance, risk, and compliance with automated assessments, control monitoring, and real-time reporting., topic=null, hs_path=managed-services-software}--
{tableName=glossary, name=SSAE 18, description=
Statement on Standards for Attestation Engagements (SSAE) No. 18 is an attestation standard issued by the American Institute of Certified Public Accountants (AICPA). It defines the requirements for attestation engagements performed by a service auditor, and is applicable to service organizations that provide services to user entities. The standard provides guidance for service auditors on how to plan and perform an attestation engagement, and how to report on the results of the engagement. It is intended to replace the Statement on Auditing Standards (SAS) No. 70, which is the previous standard for service organization attestation engagements. SSAE 18 requires a service auditor to obtain an understanding of the service organization's system and its controls, assess the risks associated with the system, determine the nature, timing and extent of the tests to be performed, and evaluate the design and operating effectiveness of the controls. The service auditor must also issue an opinion on the fairness of the description of the service organization's system and the suitability of the design and operating effectiveness of the controls. The opinion must include a description of the tests performed and the results of the tests., topic=null, hs_path=ssae-18}--
{tableName=glossary, name=Incident Response, description=
Incident response is a set of procedures and processes for responding to and managing the aftermath of a security breach or cyber attack. It includes identifying the cause of the incident, assessing the damage, and implementing measures to prevent similar incidents from occurring in the future. It also involves communicating with stakeholders and responding to regulatory requirements. Incident response is an important part of an organization's overall security strategy and should be planned and tested in advance., topic=null, hs_path=incident-response}--
{tableName=glossary, name=Segregation Of Duties (SOD), description=
Segregation of Duties (SOD) is a security control that is used to ensure that no single individual has complete control over a business process. This is typically accomplished by assigning different individuals to perform different tasks related to the process. For example, one person may be responsible for entering data into a system, while another person is responsible for approving the data. This prevents any one person from having control over the entire process and reduces the risk of fraud or errors. SOD is an important part of any internal control system and can help to ensure that processes are conducted in an efficient and secure manner., topic=null, hs_path=segregation-of-duties-sod}--
{tableName=comparison, name=ASD Essential 8 vs GDPR, description=ASD Essential 8 is an Australian security framework that provides guidance on how to protect an organization's digital assets. , topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1715624279165, path='asd-essential-8', name='
ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value=
This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}', 15='{type=list, value=[{id=97620570506, name='ASD Essential 8'}]}'}], hs_path=asd-essential-8-vs-gdpr}--
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77