Information Security Leader, Author, Instructor and Speaker

PCI DSS Compliance Health Check

Posted on December 1, 2014 in Articles

How are you doing with PCI DSS compliance? Have you taken a close look at your controls recently to ensure that you’re dotting your i’s and crossing your t’s? A recent study by Verizon revealed that only 11.1% of companies subject to PCI DSS actually comply with all twelve requirements. Are you among this small slice of compliant firms or do you run the risk that non-compliant payment card operations will result in fines, reputational loss and/or operational disruption for your organization? In this article, we take a look at three common areas where companies fail to achieve compliance and provide practical advice on addressing those issues.

Read more: PCI DSS Compliance Health Check

Published December 2014 in BizTech Magazine


One Response to “PCI DSS Compliance Health Check”

  1. Mike, I enjoy reading your posts and I just wanted to add that one of the most important – and time-consuming – aspects of PCI DSS compliance is developing all mandated policies and procedures. As a PCI-QSA for years, I’m constantly having to deal with my client’s challenges of having little or no documentation in place. If you look at the actual standards, there’s close to 50 or so policies and procedures that need to be in place, so finding a comprehensive policy packet is a must. PCI DSS is not always about the technical aspects, there’s a lot of documentation that has to be in place, so just remember that! There are numerous providers online offering cost-effective templates, so now it’s easier and more affordable than ever to put in place all mandated PCI-specific documents.


Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.
