Understanding PCI Compliance (Heriot Prentice, Vaco Orlando)

DESCRIPTION

Heriot Prentice presents "Understanding PCI Compliance", which answers the following questions:

- What is PCI Compliance?
- Why is it important?
- What are the risks?
- Who wants you to be compliant?
- How do you become PCI Compliant?

To learn more, please visit: http://linkd.in/Services_Vaco_Resources

You can also connect with Heriot at [email protected]

Page 1: Understanding PCI Compliance

Understanding PCI Compliance

Heriot Prentice

Vaco Orlando

Page 2

Heriot Prentice

Over 28 years of proven management & consulting experience in internal auditing. This includes:

o Audit Team Leader for the Scottish Office Audit Unit - Scotland's equivalent of the Government Accounting Office (GAO)

o Senior Manager of Enterprise Risk Security (ERS) with Deloitte

Heriot is also a Member & Distinguished Faculty Member of the Institute of Internal Auditors (IIA).

Also led the creation & implementation of:

o The GAIT Methodology

o The Global Technology Audit Guide (GTAG)

Page 3

What is PCI Compliance?

“The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID).”

- PCI Compliance Guide

Source: http://bit.ly/PCI_FAQ

Page 4

Why is it Important?

If your business is PCI Compliant, you:

o Protect your brand's reputation

o Minimize risk of security breaches & lost profit

o Avoid fines & unnecessary fees

o Create peace-of-mind for your customers

o Prevent a loss of credit card processing privileges

Page 5

What are the Risks?

Potential costs of a breakdown in your company's security include:

o Negative brand reputation & visibility

o Up to $50,000 per breach for compliance fines

o A number of miscellaneous fines based on variables specific to the event

o Up to $35,000 per breach for a forensic examination

o Card replacement costs for all accounts affected

Page 6

Who Wants You to be Compliant?

o The Cardholder

o The Acquirer (aka the Merchant Bank, ISO, credit card processor, etc.)

o The brand of the credit card used for payment

Page 7

How Do You Become PCI Compliant?

Six Steps to PCI Compliance:

1. Know Your Business Environment & Potential Risks

2. Stay Educated & Aware

3. Implement Proper Security Measures

4. Test and Monitor Systems

5. Remediate any Problems

6. Validate Compliance

Page 8

Contact Me

o Email: [email protected]

o LinkedIn: http://www.linkedin.com/in/heriotprentice

o Phone: (407) 712-7878

o Cell: (407) 375-3182

My Services:

o http://linkd.in/Services_Vaco_Resources

Contact me if you have a question or simply want to connect for a possible future project.