Codifying compliance controls with automated tests - Need best practices, codified control implementation and automated test suite to validate the efficacy of regulatory / compliance controls, such as SOC1, PCI, etc., aiming to open-source material, code and test cases in collaboration with others, pending appropriate internal discussion around sensitivity and logistics. A request was raised by another participant to include potential regional differences.
Hello, can you post/share your experience in codifying compliance controls to validate the efficacy of regulatory compliance, SOC2, PCI, etc.? I.e., tools used, control types, testing, and any lessons learned. Thanks