CHAPTER 11: PCI DSS AND ISO/IEC 27001

ISO/IEC 27001 is the international information security management Standard that more and more organisations are using to ensure that their information security management meets the data protection and compliance requirements of a wide variety of legislation, including the EU Data Protection Acts and Privacy Directives, HIPAA, GLBA and others.

While the PCI Standard was not written to map specifically to ISO27001 or to any other existing framework, it sits clearly within the ISO27001 framework, and organisations that have implemented an ISO27001 ISMS should be able, with minor additional work, to also demonstrate their conformance with the PCI Standard. The individual controls set out in detail inside the ...