Compliance Audit Services
A number of industries are governed by regulations for protection of information. Redsand Networks offers regulatory compliance and audit services for Sarbanes-Oxley Act, HIPAA, PCI, and GLBA guidelines.
The Sarbanes-Oxley Act has fundamentally changed the business and regulatory environment. The Act aims to enhance corporate governance through measures that will strengthen internal checks and balances, and ultimately strengthen corporate accountability.
It is important to emphasize that SOX 404 does not only require senior management and business process owners to establish and maintain a adequate internal control structure, but also to assess its effectiveness on an annual basis.
The introduction of SOX 404 has formalized management's responsibility for, and reporting of, internal controls leading to increased accountability, documentation and testing of the processes and controls that support external financial reporting. Redsand Networks provides the experience and flexibility to help organisations achieve SOX 404 compliance. Redsand Networks possesses extensive risk-based audit experience that supports process and control improvements beyond financial reporting.
HIPAA expects stringent compliance from not only the health-care organisations across USA, but also BPOs and Medical Transcription companies across India having access to patient records of US-based healthcare centers. Redsand Networks audits and evaluates the overall EDI and HIPAA capabilities, processes and technology of the organization, makes recommendations and assists in achieving compliance to HIPAA.
VISA Payment Card Industry (PCI)
The new Payment Card Industry (PCI) Data Security Standard outlines best practices for credit card data that is stored, processed, or transmitted. All major credit card issuers, including Visa, MasterCard, American Express, Diners Club, and Discover, jointly developed PCI. Most merchants are required to comply with this standard.
Gramm Leach Bliley Act (GLBA)
The 1999 Gramm-Leach-Bliley Act (GLBA) requires financial institutions to develop, implement, and maintain a comprehensive written information security program that protects the privacy and integrity of customer records. The Federal Financial Institution Examination Council (FFIEC) recently updated the GLBA information security standards. These new mandates emphasize the need for each bank, thrift, and credit union agency to adopt a proactive information security and technology risk management capability. By doing so, your institution can protect information, applications, databases, and the network as part of a comprehensive information security program.