Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL
book

by Robert R. Moeller
February 2013
Intermediate to advanced content level
395 pages
13h 56m
English
Wiley
Content preview from Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL

CHAPTER ELEVEN

PCI DSS Standards and Other IT Governance Rules

THE PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS) is an information security best practice as well as an industry-required standard for the many enterprises that handle cardholder information for the major debit, credit, automatic payment (ATM), and retail point-of-sale (POS) cards. Defined by the PCI Data Security Standards Council, PCI DSS was created to increase controls around cardholder data and to reduce credit card fraud through a series of recommended best practices. Given our worldwide reliance on payment cards for all forms of business, enterprises that accept credit cards for business operations at any level must comply with PCI DSS. An understanding of PCI DSS and its compliance requirements is an important element of IT governance for many senior business managers today.

This chapter will introduce PCI DSS and discuss its control objectives, which help build and maintain a secure IT network. We will discuss the compliance requirements that fall under these rules, covering both the qualified security assessment process for larger enterprises and the voluntary use of the PCI DSS Self-Assessment Questionnaire (SAQ) for companies handling smaller transaction volumes. PCI DSS rules cover much more than consumer credit card transactions, and compliance here is an important part of IT governance.

This chapter also briefly introduces two other U.S. laws that have an impact on IT governance: the Gramm-Leach-Bliley ...


Publisher Resources

ISBN: 9781118238936