CHAPTER 8: STEP 8 – REMEDIATION PLANNING

The remediation plan will integrate all findings from each of the assessments (gap, risk, establishing the baseline, and audits) into a single combined remediation plan (also known as SIP). Once again, it is well worth assigning experienced and qualified project managers to build the remediation plan, and ensuring that key stakeholders and sponsors form part of a project review board.

The project manager should develop and deliver the project documentation that will demonstrate the rigour of all the processes described in the previous sections and should outline a clear roadmap on how to deliver the PCI compliance plan within the agreed scope and timeframes.

As a minimum, the remediation plan should include the following: ...
