PCI compliance mandate's power raises conflict-of-interest questions  
  SEARCH: Sign In | Register | Contact Us | Site Map | Home  

Resources for Federal Financial Institutions Examination Council (FFIEC)

PCI compliance mandate's power raises conflict-of-interest questions

www.networkworld.com

Businesses accepting credit cards have to assure their networks are secured according to the Payment Card Industry Data Security Standard, and to achieve that, they often make security investments based on the advice of the organization setting the standard and its 60 or so qualified security assessors empowered to judge whether a business is PCI compliant or not.

The situation has given the PCI Security Standards Council — which requires its membership be allowed to read or comment on any of its proposed standards — great power to alter the direction of network security. Moreover, QSAs typically make recommendations about which security products and services to buy, and therefore have a new power-broker role.

View the Resource



Share or bookmarklet this web page at:



Google
Privacy Policy | Terms & Conditions | Support | Directory Links | Contact Us | Site Map | Home
Copyright © 2007-2008 ComplianceHome.com. A SUPREMUS GROUP venture. All rights reserved.