PCI/DSS

Course
Time
1 hour 15 minutes
Difficulty
Beginner
CEU/CPE
1

Video Description

In this video we briefly discuss the tools required to ensure proper protection of PCI. In actuality, these tools are a mixture or standards, processes, documents, and people: - PCI SSC (Security Standards Council) - PCI DSS - secure processes to prevent, protect, and react to incidents. This is a living set of standards and is constantly evolving. - QSAs - security assessors. People who evaluate and assess whether standards are being properly interpreted and implemented. - SAQ - questionnaire used to assure that compliance with the standard is being maintained.

Video Transcription

00:04
now the next piece that will look at it. Some of the tools that were given to protect their information and the first piece will look at it. The P. C I s s see. So this is the payment cards Industry Security Standards Council, and these come from various payment card organizations or
00:23
input from these various organizations.
00:25
And their goal is to support these standards, like the data security standard, as well as other standards revolving around payment card information. So the material specifically the D. S s that we're talking about comes from the SSC, the Security Standards Council
00:43
and P C I. D. S s again gives us a framework.
00:47
The idea is to have a robust payment card data security process so tohave a living, breathing,
00:57
actionable set of standards and guidelines for how we prevent
01:03
how we did Tet,
01:03
how we react to security incidents in relation to this field.
01:08
Uh, also they're qualified. Secure the assessors que essays that are approved by the council that can help us ensure that we're in compliance with PC Idea says they're also self assessment questionnaires. This also being sort of a validation toe
01:26
Before I would go to an s que es. I might go through the questionnaire itself.
01:30
So we want to use the tools that we have that are available to us to make sure that we maintain our compliance.

Up Next

PCI/DSS

This series covers the framework governing the self-regulated payment processing industry. Compliance with these standards is critical. Learn the 12 elements of the framework and how they pertain to risk management in relation to cardholder data.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor