Understanding PCI DSS v4.0 – Change Summary – Part 3
In the last part of our “Understanding PCI DSS v4.0” series, we’ll tackle the remaining changes in PCI DSS v4.0 that are likely to impact your day-to-day business practices.
Menu
Florida agencies, such as the Florida Highway Safety and Motor Vehicles (FLHSMV), are concerned that their partners have the appropriate internal controls in place to ensure that data is protected from unauthorized access, distribution, use, modification, and/or disclosure. To ensure that these standards are being met, state agencies and vendors must submit an Internal Control and Data Security Audit from a currently licensed Certified Public Accountant.
An Internal Control and Data Security Audit is required to demonstrate compliance with the Florida Cybersecurity Standards (FCS), Rules 60GG-2.001 through 60GG-2.006, Florida Administrative Code (F.A.C.) These standards incorporate guidance from the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, and the Federal Information Security Management Act of 2002 (FISMA) (44 U.S.C. S3541, et seq.).
To satisfy these requirements, companies should consider a SOC 2 report with a mapping to the Florida Cybersecurity Standards, to ensure all aspects of the FSC are addressed.
Fill out this form to get in touch with one of our specialists. We’ll be in touch soon to discuss your compliance needs.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
“We engaged Auditwerx for a SOC 2 audit of our fast growing cloud-based security service. The audit itself was thorough, but non-disruptive. The audit team was highly professional and very knowledgeable. We recommend Auditwerx’s SOC 2 services without reservation.”
In the last part of our “Understanding PCI DSS v4.0” series, we’ll tackle the remaining changes in PCI DSS v4.0 that are likely to impact your day-to-day business practices.
In Part 2 of our “Understanding PCI DSS v4.0” series, we will explore additional changes introduced in PCI DSS v4.0 as included in the “Evolving Requirement” section that analyzes changes needed to required business tasks that are related to remaining compliant with the PCI DSS.
Now that we’ve taken a look at the broad strokes of the PCI DSS v4.0 changes, let’s take a deeper dive into the impact these changes might have on organizations like yours.
