This book explains the security requirements, processes and technologies that are required to implement the Payment Card Industry Data Security Standard (PCI DSS), which is a compliance requirement for all enterprises that process, store, transmit or access cardholder information for any of the major payment brands, such as American Express®, Discover®, JCB, MasterCard® and VISA®.
The guide provides a comprehensive overview of the PCI DSS and explains how to implement its demanding security requirements. The guide also contains a wealth of background information about payment cards and the nature of payment card fraud. The content in this guide goes beyond explaining the requirements by providing the following:
- Concise summaries of the most current PCI DSS requirements Version 3.1 (just released in 2015)
- Consolidated information from numerous PCI Council publications to help the reader better understand the true scope of payment card security
- Techniques to determine the scope of compliance, documenting cardholder data flows and defining the Cardholder Data Environment
- Guidance on implementing controls to comply with all 12 PCI DSS requirements and maintain compliance
- PCI DSS requirements mapped to COBIT® 5 processes and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001 controls
- Detailed explanation of compliance requirements for third-party services and cloud computing providers