You’re Compliant, Now What?
Information in this chapter:
• Security is a Process, Not an Event
• Plan for Periodic Review and Training
• PCI Requirements with Periodic Maintenance
• PCI Self-Assessment
• Case Study
Congratulations, you made it! Your Report on Compliance (RoC) is filed or SAQ is completed, your vulnerability scans come back clean, and compliance status is validated. You are DONE! Depending on where you were when you started, you may have worked long and hard to get here. So now you can kick back, relax, and enjoy your flight until you land at your next annual assessment, right? It would be great if it were that easy, but unfortunately it’s not. Security (and PCI compliance in particular) requires constant vigilance, ...