CHAPTER 11: THE PCI DSS AND ISO/IEC 27001

ISO/IEC 27001 is the international standard for information security management systems. A growing number of organisations use it to demonstrate that their information security management meets the data protection and compliance requirements of a wide range of legislation, including EU data protection acts and privacy directives, HIPAA, the GLBA and others.

While the PCI DSS was not written to map specifically to ISO 27001 or to any other existing framework, it sits clearly within the ISO 27001 framework, and organisations that have implemented an ISO 27001 information security management system (ISMS) should be able, with minor additional work, to also demonstrate their conformance with the PCI DSS. The individual ...
