MSP Compliance & Security Assessment

1) Universal Baseline Controls
Control | Status | Evidence / Tool | Notes
Firewall / UTM configured & hardened
Network segmentation (servers / users / guests)
Dark web monitoring
Patch management & automatic updates
2) Password Policy
Policy | Details
Password Policy Implemented?
Password Change Frequency
Password Complexity Requirements
MFA Enabled for all users
3) PCI Compliance
Requirement | Status | Notes
Firewall Configuration
Cardholder Data Encryption
Access Control Policies
Vulnerability Management
SOC (Security Operations Center) Monitoring
Penetration Testing
User Awareness Training
Phishing Simulation
4) HIPAA Compliance
Requirement | Status | Notes
BAAs in place for all vendors
PHI encryption
Audit controls for PHI
HIPAA Risk Assessment performed
5) Accounting / Financial Firms
Requirement | Status | Notes
Secure File Sharing
Data Retention Policy
Encryption of Sensitive Financial Data
6) MDM / Mobile Device Management
Requirement | Status / Details | Notes
MDM Platform
Device Coverage
Automated Enrollment
OS Version Compliance
Passcode / Screen Lock Policy
Device Encryption
Jailbreak / Root Detection
Compliance Reporting
App Allow/Block Lists
Remote Wipe / Lost Mode
Containerization / BYOD
PCI DSS Resources & SAQ Tools

Place these files in the same folder as this HTML to enable preview & download:

  • PCI_DSS_4.0_SAQ_Comparison_Clean.pdf
  • PCI-DSS-v4_0_1-SAQ-A.pdf
  • PCI-DSS-v4-0-1-SAQ-B.pdf
  • PCI-DSS-v4-0-1-SAQ-C.pdf
  • PCI-DSS-v4-0-1-SAQ-D.pdf

HIPAA Resources & Tools