Heriot Prentice presents "Understanding PCI Compliance" which answers the following questions:
- What is PCI Compliance?
- Why is it important?
- What are the risks?
- Who wants you to be compliant?
- How do you become PCI Compliant?
To learn more, please visit: http://linkd.in/Services_Vaco_Resources
You can also connect with Heriot at hprentice@vacoorlando.com
2. Heriot Prentice
Over 28 years of proven management & consulting experience in internal auditing. This includes:
o Audit Team Leader for the Scottish Office Audit Unit - Scotland's equivalent of the Government Accounting Office (GAO)
o Senior Manager of Enterprise Risk Security (ERS) with Deloitte
Heriot is also a Member & Distinguished Faculty Member of the Institute of Internal Auditors (IIA).
He also led the creation & implementation of:
o The GAIT Methodology
o The Global Technology Audit Guide (GTAG)
3. What is PCI Compliance?
"The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID)."
- PCI Compliance Guide
Source: http://bit.ly/PCI_FAQ
4. Why is it Important?
If your business is PCI Compliant, you:
o Protect your brand's reputation
o Minimize risk of security breaches & lost profit
o Avoid fines & unnecessary fees
o Create peace-of-mind for your customers
o Prevent a loss of credit card processing
5. What are the Risks?
Potential costs of a breakdown in your company's security include:
o Negative brand reputation & visibility
o Up to $50,000 per breach for compliance fines
o A number of miscellaneous fines based on variables specific to the event
o Up to $35,000 per breach for a forensic examination
o Card replacement costs for all accounts affected
6. Who Wants You to be Compliant?
o The Cardholder
o The Acquirer (aka the Merchant Bank, ISO, credit card processor, etc.)
o The brand of the credit card used for payment
7. How Do You Become PCI Compliant?
Six Steps to PCI Compliance:
1. Know Your Business Environment & Potential Risks
2. Stay Educated & Aware
3. Implement Proper Security Measures
4. Test and Monitor Systems
5. Remediate any Problems
6. Validate Compliance
8. Contact Me
If you have a question or simply want to connect for a possible future project, you can reach me at:
o Email: hprentice@vacoorlando.com
o LinkedIn: http://www.linkedin.com/in/heriotprentice
o Phone: (407) 712-7878
o Cell: (407) 375-3182
My Services:
o http://linkd.in/Services_Vaco_Resources