PCI DSS compliance requires much more than having the technological infrastructure in place and working in a protected environment. You will also need documented policies and procedures for PCI DSS compliance. Unfortunately, this is easier said than done: most companies, though very good at what they do from a daily operational perspective, are extremely weak at having documented policies and procedures in place.
Have you looked at the PCI DSS standards lately? Read the fine print, and you will find sprinkled throughout the requirements a host of provisions calling for documented policies and procedures on a wide range of subject matter.
What's worse is that most companies do not have the time or commitment to develop these documented policies and procedures for PCI DSS compliance.
Thus, my recommendation is to find and hire a qualified PCI DSS QSA firm that has the knowledge, skills, and expertise in developing these documents for your organization.
This will prove invaluable in helping your organization achieve PCI DSS compliance in a cost-effective and time-sensitive manner.
To learn more about documented policies and procedures for PCI DSS and other subject matter affecting PCI DSS, visit www.pciassessment.org.