Whether you’re seeing resistance from the board level or from within the IT department, the consensus is that adopting the Payment Card Industry Data Security Standard (PCI DSS) is still a “sensible thing to do from a security perspective”.
And in fact, if your organization transmits, processes or stores payment card data, you must comply with PCI DSS. This compliance standard is a contractual obligation applied and enforced – by means of fines or other restrictions – directly by the payment providers themselves.
So in answer to the question ‘Can’t we just ignore PCI DSS?’ – the response is simply, ‘No’.
Source: SC Magazine
PCI Foundation Training Course – in London
This 1-day, information-packed course, based on the new PCI DSS standard, gives you everything you need to know for PCI compliance.
To gain PCI DSS compliance quickly and cost-effectively within your organisation, why not use our PCI DSS v2.0 Documentation Compliance toolkit? It provides all the documentation templates for all the mandatory PCI DSS policies, implementation guidelines and guidance.