ControlCase Newsletter October 2017
Recommended Offering: Compliance as a Service for Business as Usual
While standards such as PCI DSS, ISO and SOC provide a benchmark for protecting data, criminals are always on the hunt for security vulnerabilities and malware to exploit organizations.
Compliance as a Service (CaaS) for Business as Usual (BAU) is focused exclusively on understanding your environment and providing solutions that seamlessly integrate security and compliance into your business as usual activities.
Upcoming Webinars
The EU’s General Data Protection Regulation (GDPR)
This 45-minute webinar will discuss the following:
- What is GDPR?
- How will it impact me?
- How can I become compliant?
- What is the timeline?
- What are the consequences if not met?
Date:
Thursday, October 12th, 2017
Time:
11:00 AM – 11:45 AM EDT
PCI DSS Business as Usual
PCI DSS mandates organizations to make compliance a business as usual activity instead of an annual audit. ControlCase will cover the following during this webinar:
- PCI DSS requirements that can be made business as usual
- PCI DSS processes that can be made business as usual
- Techniques and methodologies
- Evidence to be provided to QSA for compliance
- Key success factors
- Challenges
Date:
Thursday, November 9th, 2017
Time:
11:00 AM – 11:45 AM EDT
Product and Services Update
ControlCase GDPR Readiness Assessment
The GDPR Readiness Assessment program will offer exceptional customer experience in getting organizations prepared by May 2018.
ControlCase “One Audit” to help simplify compliance with the EU’s GDPR
“One Audit” is an enhanced Integrated Compliance and Risk Control Solution for organizations subject to multiple regulations such as PCI DSS, ISO, HITRUST and GDPR.
ControlCase to provide Microsoft SSPA Attestation Services
ControlCase Microsoft SSPA attestation services are developed to incorporate ControlCase’s extensive experience in risk management and regulatory compliance management; delivering a streamlined and cost effective solution to achieve compliance in a timely manner
Latest News
HITRUST CSF version 9 Release Now Available
HITRUST CSF v9 incorporates updates stemming from integration of the FFIEC Information System Examination – Information Security, FedRAMP, the DHS Critical Resilience Review and EHNAC Accreditation requirements, as well as additional content based on a review of the OCR Audit Protocol v2 for compliance with the HIPAA Security Rule…
Leveraging the HITRUST CSF to Simplify Implementing and Reporting Against the NIST CSF
HITRUST CSF v9, a HITRUST CSF assessment now includes the controls necessary to address the NIST CsF requirements,
$5.5 million HIPAA settlement shines light on the importance of audit controls
Organizations must implement audit controls and review audit logs regularly. As this case shows, a lack of access controls and regular review of audit logs helps hackers or malevolent insiders to cover their electronic tracks, making it difficult for covered entities and business associates to not only recover from breaches, but to prevent them before they happen.