Payment Card Industry (PCI) -- Challenges and Issues for RACF Systems
Project and Program:
Enterprise Data Center,
Security and Compliance
Tags:
Proceedings ,
SHARE in Anaheim 2011 ,
2011
The PCI Data Security Standards apply to any company that transmits, processes or stores credit card “cardholder” data. While many companies are exempt from PCI, companies are not exempt from protecting their sensitive data which includes customer, company confidential and Personally Identifiable Information (PII). This presentation provides an overview of the PCI Data Security Requirements, why they evolved, why they are important and how the requirements can leveraged by all companies to improve their overall compliance program. Several of the requirements will be discussed in detail, the “hidden meaning” of the requirement will be revealed, and examples will be provided showing how RACF controls can be implemented, and supporting evidence collected, to demonstrate compliance.
Presenter(s): Jim Yurek, Vanguard Integrity Professionals
Back to Proceedings File Library