PRO+ Premium Content/Information Security magazine

July/August 2008

Avoiding Audit Trouble: Getting PCI Compliant

Having trouble with PCI compliance? You're not alone. Auditors and audit survivors offer tips for how to achieve it.

By all accounts, compliance with the Payment Card Industry Data Security Standard (PCI DSS) is on the upswing. According to Visa USA, compliance among the largest merchants shot up dramatically, from about 12 percent in March 2006 to 77 percent by the end of last year. And media reports indicate the standard is gaining ground in the European Union, where many countries--the U.K. in particular--are stepping up compliance efforts.

Yet successfully completing a PCI Report on Compliance (RoC) remains a confusing venture, and an elusive one for many. Some of the confusion stems from the convoluted path of accountability. Although the PCI DSS is often touted as a one-stop standard, each of the five major card brands continues to maintain separate compliance programs. Some brands have announced heavy noncompliance fees in the form of penalties and higher transaction rates, but it is the acquiring banks that decide when and how to ...
