Ely, England, 27 April 2011 – IT Governance Publishing announced that the PCI DSS v2.0-compliant version of the established PCI DSS Toolkit is meeting increased demand as compliance pressure on merchants mounts.
Banks are increasingly pressuring merchants, who accept payment cards, to get themselves PCI DSS compliant. ITGP upgraded its existing toolkit to reflect the revised requirements of PCI DSS v2.0 in October 2010 and, since then, the Toolkit has been helping a steady stream of smaller e-commerce merchants and service providers to become PCI compliant.
Introduced into the market in 2001, initially by VISA and MasterCard as CISP (Cardholder Information Security Protection) and SDP (Site Data Protection) and as two separate programmes, PCI DSS evolved from the collaboration of these ‘trend setters’ in 2004 as a well documented, clearly laid out standard that allowed organisations and merchants to achieve compliance without difficulty. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements that organisations and merchants set up in order to become PCI DSS compliant, undertaking a contractual obligation directly applied and enforced by the payment providers themselves. Further information can be found in PCI DSS: A practical guide to implementing and maintaining compliance 3rd ed.
The PCI DSS Documentation Toolkit v2.0 is specifically designed to help payment card-accepting organisations quickly create all the documentation required to affirmatively answer the requirements of the PCI DSS Standard as set out in the Self Assessment Questionnaire (v2.0). This Self-Assessment Questionnaire (v2.0) is a validation tool that enables merchants and service providers to assess their own compliance with the Payment Card Industry Data Security Standard. The questionnaire was updated in October 2010 by the PCI Security Standards Council to accommodate the changes made to the upgraded PCI Standard.
In order to ensure this procedure is correctly enforced, the SSC provide Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs) and, although it is not the law, the PCI DSS Standard is a requirement to be met by all organisations that accept credit or debit cards as a form of payment. ITGP’s PCI DSS Documentation Toolkit v2.0 is a vital ‘tool’ when organisations need to comply with the PCI Standard.
‘This toolkit radically simplifies the compliance process and reduces it to a clear sequence of actions that can be performed efficiently, leaving merchants free to focus on the essential work of serving their customers,’ says IT Governance CEO, Alan Calder.
This unique toolkit contains a full set of documentation templates for the all mandatory PCI DSS policies, as well as implementation guidance and ISO27001 cross-mapping. These templates are developed out of those contained in our best-selling ISO27001 ISMS Documentation Toolkit and, therefore, are capable of being integrated into an ISO27001 ISMS.
The PCI DSS Documentation Toolkit v2.0 can be purchased online and downloaded immediately http://www.itgovernance.co.uk/products/1337.
This product is available in multiple formats and can be purchased in local currency from the following websites: