This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
5. - Your questions answered: Read more in this section
- Mike Chapple, Enterprise Compliance
- Joseph Granneman, Security Management
Explore other sections in this guide:
Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on enterprise compliance, frameworks and standards for its Ask the Experts panel. He previously served as site expert on network security, is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
See below for Mike's archive of advice on both compliance and network security. To submit a question for Mike, click on the "Ask a Question" tab above.
Do you have a question for our experts?
Contributions from Mike Chapple, Enterprise Compliance
- Analysis of the PCI mobile payment security guidelines
- Turning security inside out
- Inside PCI DSS Risk Assessment Guidelines
- How to choose an auditing firm
- New MasterCard Level 2 merchant validation requirements
- COBIT 5 training: What is required for certification?
- Complying with new COPPA regulations
- Analysis of new PCI mobile payment security guidelines
- How to engage employees in compliance best practices
- PCI compliance requirements for mobile payment networks
- Is HITRUST C-TAS the new compliance mandate?
- Reduce PCI scope with credit card tokenization
- Validating the PCI DSS scope of compliance
- Validation requirements for PCI DSS-covered merchants
- How to outsource PCI compliance to a cloud provider
- Using ISO 27002 as a guide for security management
- Submitting an ROC via a PCI assessment provider
- Cryptosystem regulatory compliance requirements
- How to choose a PCI employee training program
- Getting C-level support for ongoing PCI compliance