01:16
ISO 27001 Risk Assessment Documentation
02:12
Encrypt BigQuery Datasets with Customer Managed Encryption Key CMEK
02:47
How Do You Prepare for a Penetration Test?
01:46
PCI v4.0 - 12.10.7: Implement Incident Response Procedures of Stored Primary Account Numbers
01:04
PCI v4.0 - 12.10.6: Modify the Incident Response Plan as Needed
01:00
PCI v4.0 - 12.10.5: Include Monitoring and Responding to Alerts in the Incident Response Plan
01:04
PCI v4.0 - 12.10.4.1: Use Targeted Risk Analysis to Determine Incident Response Training Frequency
01:11
PCI v4.0 - 12.10.4: Appropriately Train Incident Response Personnel
01:09
PCI v4.0 - 12.10.3: Ensure Specific Security Personnel Are Available for Incident Response
01:46
PCI v4.0 - 12.10.1: Establish a Comprehensive Incident Response Plan
01:03
PCI v4.0 - 12.9.2: Provide Compliance Information to Clients Upon Request
00:54
PCI v4.0 - 12.9.1: Acknowledge Account Security Responsibilities
01:15
PCI v4.0 - 12.8.5: Detail Responsibilities Held by Third-Party Service Providers
01:03
PCI v4.0 - 12.8.4: Monitor the PCI DSS Compliance of Third-Party Service Providers
00:56
PCI v4.0 - 12.8.3: Establish a Process for Engaging with Third-Party Service Providers
00:54
PCI v4.0 - 12.8.2: Maintain Written Requirements with Third-Party Service Providers
00:57
PCI v4.0 - 12.8.1: Keep Record of Third-Party Service Providers that Account Data Is Shared With
01:19
PCI v4.0 - 12.7.1: Screen Personnel Who Have Access to the Cardholder Data Environment
01:00
PCI v4.0 - 12.6.3.2: Include Acceptable Use Policies in Security Awareness Trainings
00:52
PCI v4.0 - 12.6.3.1: Include Threats and Vulnerabilities in Information Security Awareness Trainings
01:10
PCI v4.0 - 12.6.3: Hold Information Security Awareness Trainings Regularly
00:59
PCI v4.0 - 12.6.2: Review Your Information Security Awareness Program Regularly
01:13
PCI v4.0 - 12.6.1: Implement Formal Security Awareness Training
01:01
PCI v4.0 - 12.5.3: Review Scope After Significant Changes to Organizational Structure
00:54
PCI v4.0 - 12.5.2.1: Service Providers Must Document and Confirm Scope Frequently
01:29
PCI v4.0 - 12.5.2: Document and Confirm Scope Regularly
01:31
PCI v4.0 - 12.5.1: Maintain an Inventory of System Components That Are in Scope
01:08
PCI v4.0 - 12.4.2.1: Document the Reviews Performed in Requirement 12.4.2
01:09
PCI v4.0 - 12.4.2: Ensure Personnel Are Performing Their Duties
00:48
PCI v4.0 - 12.4.1: Service Providers Must Establish Protections for Card Holder Data
01:29
PCI v4.0 - 12.3.4: Review Software and Hardware Technologies
01:10
PCI v4.0 - 12.3.3: Document and Review Cryptographic Cipher Suites and Protocols in Use
00:58
PCI v4.0 - 12.3.2: Perform Targeted Risk Analyses for Customized Approach
01:10
PCI v4.0 - 12.3.1: Use Targeted Risk Analyses to Support Flexible Testing
01:27
PCI v4.0 - 12.2.1: Acceptable Use Policies Are Documented and Implemented
01:16
PCI v4.0 - 12.1.4: Formally Assign Information Security Responsibility to a CISO
01:23
PCI v4.0 - 12.1.3: Ensure Your Information Security Policy Defines Roles and Responsibilities
00:59
PCI v4.0 - 12.1.2: Review and Update Your Information Security Policy Regularly
01:15
PCI v4.0 - 12.1.1: Have and Utilize an Information Security Policy
02:48
PCI v4.0 - 11.6.1: Change-Detection or Tamper-Detection Mechanisms Are Deployed on Payment Pages
02:28
PCI v4.0 - 11.5.2: Deploy a Change-Detection Mechanism
02:50
PCI v4.0 - 11.5.1.1: Detect, Alert, and Address Covert Malware Communication Channels
01:12
PCI v4.0 - 11.5.1: Implement Intrusion Detection and/or Prevention Techniques
01:16
PCI v4.0 - 12.10.2: Regularly Review the Incident Response Plan
02:35
PCI v4.0 - 11.4.7: Multi-Tenant Service Providers Support Customer for External Penetration Testing
03:28
PCI v4.0 - 11.4.5 & 11.4.6: Test the Effectiveness of Segmentation Controls Regularly
02:16
PCI v4.0 - 11.4.4: Correct Vulnerabilities Found in Penetration Testing
01:23
PCI v4.0 - 11.4.3: Regularly Perform External Penetration Testing
02:38
PCI v4.0 - 11.4.2: Regularly Perform Internal Penetration Testing
03:48
PCI v4.0 - 11.4.1: Define, Document, and Implement a Penetration Testing Methodology
01:15
PCI v4.0 - 11.3.2.1: Perform External Scans After Significant Changes
01:40
PCI v4.0 - 11.3.2: Perform External Vulnerability Scans Frequently
01:50
PCI v4.0 - 11.3.1.3: Perform Internal Scans After Significant Changes
03:28
PCI v4.0 - 11.3.1.2: Use Authenticated Vulnerability Scanning Tools for Internal Scans
01:19
PCI v4.0 - 11.3.1.1: Manage Non-High Risk and Non-Critical Vulnerabilities Appropriately
02:25
PCI v4.0 - 11.3.1: Perform Internal Vulnerability Scans Frequently
00:59
PCI v4.0 - 11.2.2: Maintain Inventory of All Authorized Wireless Access Points
01:45
PCI v4.0 - 11.2.1: Wireless Access Points Are Properly Managed
02:01
PCI v4.0 - 11.1.2: Requirement 11 Roles and Responsibilities Are In Place
00:58
PCI v4.0 - 11.1.1: Requirement 11 Polices and Procedures Are In Place
X
About
Cybersecurity and compliance audit reports from a licensed CPA firm, PCI QSA, and HITRUST CSF Assessor.
KirkpatrickPrice is the leader in cybersecurity and compliance audit reports. Our experienced auditors know audits are hard, so they take complicated audits such as SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, GDPR, and ISO 27001 and make them worth it. The firm has issued over 10,000 reports to over 1,200 clients worldwide, giving its clients trusted results and the assurance they deserve. Using its Online Audit Manager, the world’s first compliance platform, KirkpatrickPrice partners its clients with an expert to guide them through the entire audit process, from audit readiness to final report.
For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on LinkedIn, or subscribe to our YouTube channel.
Tags