This week’s top tip looks at the key considerations when accepting card payment via phone. For many organisations accepting card payment via phone is just ‘business as usual’, for others it’s one of those things that is done as a back-up or an occasional ‘one off’. An example of the latter is online only organisations […]
There is one question that everyone is guaranteed to get right – are cyberattacks on the increase? In this blog, we will review some of the more significant cyberattacks over the last year and look for any emerging trends in terms of cybercrime targets, as well as the type of attacks. First, let’s make sure […]
In this blog, we address one of the big questions facing organisations which accept payment cards and are looking to comply with the PCI DSS. Should we outsource the storing, processing and transmitting of cardholder data (CHD)? Let’s look at the benefits and disadvantages of outsourcing. Pros of outsourcing Reduction of scope and in-scope processes Any […]
The certification process consists of a two (2) stage audit. These are most commonly described as : ► Stage 1 audit – organisational readiness (desk top review) ► Stage 2 audit – assessment of the implementation through the sampling of evidence (interviews and inspection of records etc). The exact duration of the 2 different audit […]
A crucial element in performing an audit is the collection and evaluation of evidence. Evidence is used to determine if the process or control being audited is performing as expected. In this blog, we will be exploring how you can define what evidence is required and what are the most effective ways of gathering evidence. Evidence […]
