© Jim Seaman 2020
J. Seaman, PCI DSS, https://doi.org/10.1007/978-1-4842-5808-8_5

5. The Importance of Risk Management

Jim Seaman, Castleford, West Yorkshire, UK
 
Bearing in mind that you cannot completely eliminate risk (especially when the “Human Factor” and Supplier Management are involved), the importance of risk management within your PCI DSS compliance program becomes increasingly relevant to your business.
Figure 5-1. Risk Assessment Practice

This is probably the most misunderstood aspect of most Cyber/InfoSec strategies, especially within the PCI DSS integrated framework.

Why is this?

In traditional control frameworks, such as the ISO/IEC 27001:2013 ...
