Community
In my last article I highlighted the importance for any business handling payment security data to keep it adequately protected by adhering to PCI DSS standards. The consequences for those that do not comply with the regulations could be dire; including loss of consumer and supplier trust, but also a fine from regulators if a data breach occurs. Of course, given there are 12 requirements to keep on-top of, it might seem like a mammoth task to stay complaint. Thankfully it doesn’t have to be that complex.
Here are nine key factors of control which can help guide any business in maintaining compliance via the 12 key requirements of the PCI DSS standard, as well as communicate compliance progress to the board. These are as follows:
Businesses should also remember that passing PCI compliance validation doesn’t mean that systems are ‘secure’, just that there was no evidence of non-compliance during the assessment period, which is typically just a week or two. On the flip side, security systems are often tested every day. Sustaining compliance with the PCI DSS Standard is not a project, a one-off activity, but an ongoing programme. A programme that needs to adapt to the changing needs of business and new technologies that may be introduced into the business environment.
The key to a compliance processes being effective is the need to be driven from the top. Often this is hindered by the simple fact that general progress or challenges are not clearly communicated or understood by executives. By structuring the compliance process and conversations on our nine factors of control effectiveness and sustainability, executives can obtain a clearer understanding of the process involved and a clearer dialogue can be opened up to avoid unnecessary obstacles.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Prashant Bhardwaj Innovation Manager at Crif
05 December
Tachat Igityan Founder and CFO at destream
03 December
Ritesh Jain Founder at Infynit / Former COO HSBC
Erica Andersen Marketing at smartR AI
02 December
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.