In PCI Compliance Essentials we’re dropping serious nuggets of wisdom to help organizations get everyone from system administrators, incident response handlers, billing, C-level executives and everyone else who has a piece of the PCI pie ON THE SAME PAGE and speaking THE SAME LANGUAGE.
Is your PCI DSS Compliance program is all over the place? Do you have your asset inventory in 7 different spreadsheets? If you answered yes, maybe it’s time to automate key controls and your assessment process. Read on to find out how!
The founders of Payment Card Assessments know all to well what it’s like to receive a scan report with over 2,000 configuration failures, a standards team that didn’t communicate changes to the scanning team, and an implementation team that had no idea what they were supposed to do to an in-scope asset before it went into production.
Let’s be real for a second – the report on compliance is mandatory for all level 1 merchants and any merchant regardless of level that is required to provide a report on compliance by either their acquirer or card brand. Most level 1 merchants fall out of compliance shortly after the ink is dry on their most recent report. Why? Because they don’t have a sustainability program. The RoC is treated like a bad surprise every year and that creates wasted effort, lost money, and burned out staff.