White Papers for Federal Financial Institutions Examination Council (FFIEC)

More Lessons Learned: Practical Tips for Avoiding Payment Card Industry (PCI) Audit Failure

Verisign

The expense of compliance to the Payment Card Industry Data Security Standard (PCIDSS) can be substantial with penalties for noncompliance varying from censure, to fines, to revocation of card issuance and payment processing capabilities. Nevertheless, major data security breaches are on the rise. As new vulnerabilities emerge, such as wireless networks and more powerful and connected mobile communications devices, many companies continue to struggle with the increased complexity associated with PCI DSS—including those that achieved compliance in the past.. The VeriSign Global Security Consulting team has performed hundreds of PCI assessments, noting that the requirement failures and actual compromises observed during these assessments exhibit common themes. This paper presents proven tactics to help companies achieve and maintain PCI compliance and, more importantly, avoid compromise.

View the White Paper

Share or bookmarklet this web page at: