As technologies change and audit processes evolve, so do the interpretation of regulatory requirements. For instance, how does an organization deal with the explosion of virtualized machines when it comes to segregation of function? Further, how does it deal with the responsibilities for administration of the virtual machine versus the administration of the underlying environment in meeting compliance requirements? And what about taking existing, standard regulations and applying them to new and ever-changing technologies?

This video describes how organizations can effectively interpret particular requirements from regulations such as HIPAA and PCI and implications these interpretations have on compliance activities, administration, and auditors. Featured expert Richard E. Mackey, vice president at SystemExperts and veteran auditor and consultant for large enterprises, will discuss:

• How the use of virtualization affects system administration requirements, segregation, and network security
• How organizations make decisions and should make decisions about what to encrypt and how those decisions affect key management and archival of information
• How to test the security of your applications and environment, as required by PCI, among others
• How to understand PCI's testing requirements, comparing the requirements to effective testing of the security of applications and the environment