Regulatory Compliance, Governance and Security

Dec 9 2009   7:29PM GMT

PCI Compliance Roadmap | Readiness Assessment | Where to Begin



Looking for a PCI compliance roadmap? As a Payment Card Industry Data Security Standard Qualified Security Assessor (PCI QSA), I’m often asked about the who, what, where, and why of PCI compliance. Most organizations (merchants and service providers alike) are simply overwhelmed by the process as a whole and are not sure where to begin, hence the need for a PCI compliance roadmap.

I’ve written extensively on this issue and I urge you to read about the PCI DSS Roadmap, which highlights three main phases that your organization should undertake. Within these three phases there are many sub-categories and drivers you will need to address, but for now, focus on the three areas themselves:

* Phase I: PCI DSS Readiness Assessment
* Phase II: Remediation & Implementation for PCI DSS
* Phase III: Assessment & Reporting for PCI DSS

The biggest challenge (and goal) for organizations is Phase I: getting one’s arms around the entire PCI DSS process and understanding what the scope of a PCI DSS assessment really is. Scope, that is, which systems, networks and people store, process or transmit cardholder data or are connected to those that do, determines everything that follows. Once you have completed this phase, you can move on to remediation and the other aspects that are vital for PCI success.

To learn more about PCI compliance, visit the official PCI DSS Resource Guide.
