If you’re considering undergoing a FedRAMP High Assessment, you must understand that this is the most rigorous baseline among the standard FedRAMP options, making it a daunting—if necessary—endeavor. What would likely help is knowing what’s coming in more detail so that you can better prepare.

Incident response has always been an important component of PCI DSS—in Requirement 12.10, the standard provides critical guidelines for the timeliness, preparedness, and continuous improvement of incident response management. That being said, new related requirements and clarifications have been introduced under v4.0 that add complexity and effort to the mandates from v3.2.1.

As the scrutiny on environmental impact grows, more and more organizations are looking for ways that can help them both satisfy emerging regulations and customer concerns regarding the sustainability of their practices. And while there are a few options that may suit, ISO 14001 represents one particularly advantageous avenue.

NOTE: This blog was originally published on 3/24/2024 and has been updated as of 8/1/2024 now that the EU AI Act has been published in the Official Journal of the European Union and “enter[s] into force” 20 days thereafter, or on August 1, 2024.

As technology continues to evolve and become more robust, organizations have realized they need expertise and to be proactive in identifying risks and implementing controls. But even as new solutions are introduced, the backbone of many compliance and cybersecurity initiatives—including SOX— remains an organization’s internal technology general controls (ITGCs).

Back on March 21, 2022, the U.S. Securities and Exchange Commission (SEC) proposed rules that would enhance and standardize climate-related disclosures provided by public companies—two years and unquantified lobby and legal dollars later, the final SEC Climate Disclosure Rules were announced today.

Similar to the way the launch of the first satellite, Sputnik, both introduced a new technology era—the space race—and raised some alarm, the ongoing adoption of generative artificial intelligence (AI) is beginning to permeate industries worldwide, prompting questions of how cybersecurity will need to adjust to accommodate this huge new development.

TAMPA, Fla. – March 5, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is pleased to announce that the firm has received accreditation for France’s Health Data Host (HDS) certification services, the first US-based firm to receive such accreditation by COFRAC.