Get started with PCI DSS Protect your customers’ card data
All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal payment card details and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. Failing to comply with the standard can have serious consequences for your ability to process card payments.
An ideal introduction and a quick reference to PCI DSS, including version 3.0
Co-written by a PCI QSA (Qualified Security Assessor) and updated to also cover PCI DSS version 3.0, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation who deals with payment card processing.
Buy this pocket guide and get to grips with PCI DSS, including version 3.0
This title is part of The ITGP Compliance Series, a suite of essential guides to regulatory and legal compliance.
Designed to help organisations in their efforts to address issues such as PCI DSS, anti-bribery policy management and data protection, this series is indispensable for anyone seeking to align their policies and procedures with laws and regulations. The guides also provide a quick, cost-effective way to raise awareness of key issues among staff, partners and external customers.
About the Authors
Alan Calder is the Founder and Executive Chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors.
Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing.
Geraint has provided consultancy on implementation of the PCI DSS and conducted audits with a wide range of merchants and service providers. He has performed penetration testing and vulnerability assessments for various clients. Geraint leads the IT Governance CISSP Accelerated Training Programme along with the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH & CHFI.
Table of Contents
- Chapter 1: What is the Payment Card Industry Data Security Standard (PCI DSS)?
- Chapter 2: What is the Scope of the PCI DSS?
- Chapter 3: Compliance and Compliance Programmes
- Chapter 4: Consequences of a Breach
- Chapter 5: How do you Comply with the Requirements of the Standard?
- Chapter 6: Maintaining Compliance
- Chapter 7: PCI DSS – The Standard
- Chapter 8: Aspects of PCI DSS Compliance
- Chapter 9: The PCI Self-Assessment Questionnaire (SAQ)
- Chapter 10: Procedures and Qualifications
- Chapter 11: PCI DSS and ISO/IEC 27001
- Chapter 12: Payment Application Data Security Standard (PA-DSS)
- Chapter 13: PIN transaction Security (PTS)
- ITG Resources
- Title: PCI DSS: A Pocket Guide, 3rd Edition
- Release date: January 2014
- Publisher(s): IT Governance Publishing
- ISBN: 9781849285551