Digital Edge guarantees that their clients will continuously keep up with compliance certifications.
As a trusted advisor and technology vendor, part of our profession is ensuring that our clients are in accordance with their industry standards. Included within these industry standards are the internal IT tools and techniques they need to compete and maintain their business, support future growth patterns, and keep up with compliance regulations.
Our compliance knowledge and experience allow us to help clients achieve PCI, SAS70 II, HIPAA, SOX, and KPMG compliance.
Compliance standards & how they work
PCI
Compliance is a standard that is set to protect personal information through guaranteed security for all credit card transactions. There are six categories that are required to be covered under PCI; they include: maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, and regularly monitor & test networks.
SAS 70
Compliance is an auditing standard that regulates a company’s control objectives and activities. It refers to the safeguards that a company has in position, making sure that there are adequate processes and controls in place at all times. It is commonly found within hosted environments.
SOX
Compliance is a U.S. federal law instituted as a result of a number of high-profile scandals, such as Enron, Tyco International, and WorldCom. The regulations consist of 11 titles, covering public company board responsibilities, criminal penalties, and SEC requirements including internal controls, financial disclosures, and corporate governance.
KPMG
is a company that works with organizations to assess their clients’ internal compliance regulations. They help companies better understand their risk exposures. So if a company is interested in auditing itself to see where it fits within its own internal compliance standards, it would use this kind of company to audit externally.
HIPAA
Compliance is a group of regulations that are set to improve the effectiveness and efficiency of the health care system and the continuity of insurance coverage. It sets a laundry list of standards to assure the fight against fraud and abuse within healthcare.
Aside from PCI compliance, SAS70, SOX, KPMG, and HIPAA all require that companies abide by a list of principles set out within an assessment. Each of these assessments is established and created with particular laundry lists, dedicated to serve their compliance purposes. In conjunction, an auditing company evaluates the assessment and proceeds with an onsite inspection to determine whether or not a company should be certified compliant.
PCI is slightly different. PCI requirements include a scan of the environment being used to process credit card transactions, as well as an assessment that needs to be filled out, using third-party auditors, and/or a larger assessment similar to SOX, HIPAA, and SAS70. PCI compliance is determined based on the amount (in dollars) of transactions.