Chapter 15

You’re Compliant, Now What?

Information in this chapter:

• Security is a Process, Not an Event

• Plan for Periodic Review and Training

• PCI Requirements with Periodic Maintenance

• PCI Self-Assessment

• Case Study

Congratulations, you made it! Your Report on Compliance (RoC) is filed or SAQ is completed, your vulnerability scans come back clean, and compliance status is validated. You are DONE! Depending on where you were when you started, you may have worked long and hard to get here. So now you can kick back, relax, and enjoy your flight until you land at your next annual assessment, right? It would be great if it were that easy, but unfortunately it’s not. Security (and PCI compliance in particular) requires constant vigilance, ...

Get PCI Compliance, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.