Book description
An ideal introduction and a quick reference to PCI DSS version 3.1
All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data.
All organizations that accept, store, transmit, or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments.
Product overview
Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.1, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organization involved with payment card processing. Coverage includes:
An overview of PCI DSS v3.1.
A PCI self-assessment questionnaire (SAQ).
Procedures and qualifications.
An overview of the Payment Application Data Security Standard (PA-DSS).
Contents
What is the Payment Card Industry Data Security Standard (PCI DSS)?
What is the scope of the PCI DSS?
Compliance and compliance programmes
Consequences of a breach
How do you comply with the requirements of the Standard?
Maintaining compliance
PCI DSS – The Standard
Aspects of PCI DSS compliance
The PCI self-assessment questionnaire
Procedures and qualifications
The PCI DSS and ISO/IEC 27001
The Payment Application Data Security Standard (PA-DSS)
PIN transaction security (PTS)
About the authors
Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance, and information security issues. He has many years of senior management experience in the private and public sectors.
Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH, and CHFI.
Table of contents
- Cover
- Title
- Copyright
- Foreword
- About The Authors
- Acknowledgements
- Contents
- Chapter 1: What is the Payment Card Industry Data Security Standard (PCI DSS)?
- Chapter 2: What is the Scope of the PCI DSS?
- Chapter 3: Compliance and Compliance Programmes
- Chapter 4: Consequences of a Breach
- Chapter 5: How do you Comply with the Requirements of the Standard?
- Chapter 6: Maintaining Compliance
- Chapter 7: PCI DSS – The Standard
- Chapter 8: Aspects of PCI DSS Compliance
- Chapter 9: The PCI Self-Assessment Questionnaire (SAQ)
- Chapter 10: Procedures and Qualifications
- Chapter 11: The PCI DSS and ISO/IEC 27001
- Chapter 12: The Payment Application Data Security Standard (PA-DSS)
- Chapter 13: PIN transaction Security (PTS)
- IT Governance Resources
Product information
- Title: PCI DSS: A Pocket Guide 4th edition
- Author(s):
- Release date: November 2015
- Publisher(s): IT Governance Publishing
- ISBN: 9781849287838
You might also like
book
PCI DSS: A pocket guide, sixth edition
This pocket guide is perfect as a quick reference for PCI professionals, or as a handy …
book
PCI Compliance, 4th Edition
Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. …
book
ISO27001 / ISO27002, A Pocket Guide, Second Edition
Protect your organisation's information assets using ISO27001:2013 Information is one of your organisation's most important resources. …
book
PCI DSS 3.1
PCI DSS has recently updated its standard to 3.1. While the changes are fairly minor in …
