PCI DSS: A Pocket Guide, fourth edition
Ebook, 56 pages, 33 minutes

About this ebook

An ideal introduction and a quick reference to PCI DSS version 3.1

All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data.

All organisations that accept, store, transmit or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments.

 

Product overview

Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.1, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation involved with payment card processing. Coverage includes:

  • An overview of PCI DSS v3.1.
  • A PCI self-assessment questionnaire (SAQ).
  • Procedures and qualifications.
  • An overview of the Payment Application Data Security Standard (PA-DSS).

About the authors

Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors.

Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH and CHFI.

Language: English
Publisher: itgovernance
Release date: Nov 24, 2015
ISBN: 9781849287838
Author

Alan Calder

Alan Calder is a leading author on IT governance and information security issues. He is the CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru. He has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.

    Book preview

    PCI DSS - Alan Calder

    PCI DSS

    A Pocket Guide

    Fourth edition

    ALAN CALDER

    GERAINT WILLIAMS

    Every possible effort has been made to ensure that the information contained in this book is accurate at the time of going to press, and the publishers and the authors cannot accept responsibility for any errors or omissions, however caused. Any opinions expressed in this book are those of the authors, not the publisher. Websites identified are for reference only, not endorsement, and any website visits are at the reader’s own risk. No responsibility for loss or damage occasioned to any person acting, or refraining from action, as a result of the material in this publication can be accepted by the publisher or the authors.

    Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form, or by any means, with the prior permission in writing of the publisher or, in the case of reprographic reproduction, in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publishers at the following address:

    IT Governance Publishing

    IT Governance Limited

    Unit 3, Clive Court

    Bartholomew’s Walk

    Cambridgeshire Business Park

    Ely

    Cambridgeshire

    CB7 4EA

    United Kingdom

    www.itgovernance.co.uk

    © Alan Calder and Nicki Carter 2008, 2010, Alan Calder and Geraint Williams 2013, 2015

    The authors have asserted the rights of the authors under the Copyright, Designs and Patents Act, 1988, to be identified as the authors of this work.

    First published in the United Kingdom in 2008 by

    IT Governance Publishing:

    ISBN 978-1-905356-64-5

    Second edition published in 2011:

    ISBN 978-1-90535-665-2

    Third edition published in 2013:

    ISBN 978-1-84928-557-5

    Fourth edition published in 2015

    ISBN: 978-1-84928-783-8

    FOREWORD

    Target dates for compliance with the PCI DSS have all long since passed, and the Standard is now on its third version. Many organisations around the world – particularly those that fall below the top tier of payment card transaction volumes – are not yet compliant.

    There are perhaps three reasons for this.

    The first is that, outside a few US States, the PCI DSS has no legal status: it is not a law and does not have the force of law. Enforcement can only be carried out by contractual means, in a competitive payment card marketplace. The UK’s Information Commissioner, however, has said that compliance with the PCI DSS shows due diligence in protecting cardholder data,
