Post a new topic
    1 Reply Latest reply on Oct 22, 2009 6:56 AM by amspcs

    As a small merchant would 'shrink-wrapped' compliance tools.

    tglassey Newbie
      I have a question for the list as a new member.

      What would you think of 'compliance technologies' which were shrink-wrapped for you as a merchant such that you could buy them off the shelf and by operating them as directed your compliance with the specific requirements of those regulatory frameworks your business is controlled by were met?

      This is a new look at the intersection between how IT systems operate and automated capture of evidence to support that. For instance PCI DSS is very complex but if you could pay for a 'pre-certified practice' which was already fully audited, you would only have to operate it per the instructions to create all the key evidence of your proper operations.

      We think this is where the rubber meets the road and by pre-qualifying practices for IT operations with the auditor's that this reduces the complexity of compliance which in turn evidences itself in the form of lower costs.

      Any thoughts?

      Todd Glassey CISM CIFI
      CTO Certichron Inc
      http://www.certichron.com