Here's What Happens When You Implement These 3 Pillars of Excellence to Achieve Continuous PCI DSS Compliance AutomateWhen you automate key processes and critical control areasYou'll realize real savings in…
Maintaining PCI DSS Compliance is a multi-team effort. And it starts with knowing what’s in scope for assessment. Your network and cardholder data flow diagrams are the heart and soul of your continuous PCI DSS Compliance program.
Your Path to Achieving PCI DSS Compliance is a Phone Call Away I want to tell you about a small non-profit, level 4 merchant who struggled with achieving PCI DSS…
Why Do I Need So Much Documentation for PCI DSS Compliance?
I can hear you roll your eyes but I’m glad you asked that question.
As a former senior IT security director once told me, “PCI compliance is an exercise in killing trees.”
I get it. Most people would rather have a root canal than document critical PCI Compliance processes.
Keep reading!
Repeatable processes and proven templates help improve your PCI DSS compliance maturity as well as save you time so that you can focus your attention on assessing evidence or continuous compliance.
There’s more to PCI DSS v4.0 Requirement 12 than meets the eye At Payment Card Assessments, LLC, we’ve launched our newest course that dives into:What’s new: targeted risk analysis’, scope,…
I’ll be the first to admit that continuous PCI Compliance was beyond my grasp when I started my PCI journey in 2012. I was doing my best not to drown in a sea of confusion and chaos.
If something like our newest course, Implement Continuous PCI Compliance, existed a decade ago, I would have been all over this.
Read More!
Is your PCI DSS Compliance program is all over the place? Do you have your asset inventory in 7 different spreadsheets? If you answered yes, maybe it’s time to automate key controls and your assessment process. Read on to find out how!
I remember when I was working as an IT Security Project Manager responsible for the implementation of 10 different security projects for the new. cardholder data at a Fortune 100 Company. They had a job posting for a PCI Compliance Program Manager and I thought, why not?
The job description looked easy enough. In fact, I flipped my resume over on a whim during lunch on a Friday. Got called by the internal recruiter within 20 minutes and was interviewed on Monday and hired by Wednesday.
I had no idea what was really in store for me. Nobody did.
Because nobody I interviewed with understood HOW to run a successful PCI DSS Compliance program for a level 1 merchant.