This chapter explains that an assessor is there to work with you to validate your compliance and help you with security. Assessors are your enemy only if you treat them as one. The chapter also explains how to use the findings from a failed assessment to build ongoing compliance and security.
Information in this chapter
• Remember, assessors are there to help
• Dealing with assessors’ mistakes
• Planning for remediation
• Planning for reassessing
The title of this chapter might shock you a little bit. Why? Have you noticed that the words “audit” and “auditor” in reference to the Payment Card Industry Data Security Standard (PCI DSS) are conspicuously missing from ...