The 12 Step PCI Remediation Plan is a must read for any organization involved with PCI DSS compliance.
Dallas, TX (PRWEB) September 17, 2012
PCI remediation is an absolute necessity for almost any type of organization aiming for compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions. Furthermore, PCI remediation can be challenging, arduous and costly if not properly planned. Being proactive and not reactive can save organizations thousands of dollars and hundreds of billable hours from their employees, so take note of the following 12 step PCI remediation action provided by PCI-QSA Charles Denyer of NDB Advisory. Look upon the 12 step plan as both a roadmap and remediation strategy combined in one.
Read the comprehensive white paper written by PCI-QSA Charles Denyer (firstname.lastname@example.org | 1-800-277-5415, ext. 705) regarding his 12 Step PCI Remediation Action Plan.
12 Step PCI Remediation Act Plan
1. Determine the "type" of PCI DSS compliance your organization needs.
2. Conduct a preliminary gap analysis on the applicable framework.
3. Place remediation items into specific categories.
4. Determine parties responsible for the ownership of all remediation efforts.
5. Seek out products, tools, and services for remediation.
6. Identify external resources, where necessary.
8. Confirm, and test if necessary.
9. Bring in the QSA.
10. PCI is a moving target, so stay with it.
11. Assign ongoing roles and responsibilities.
12. Remember, compliance is important, but it's really about security.
Read the comprehensive white paper written by PCI-QSA Charles Denyer regarding his 12 Step PCI Remediation Action Plan.
About NDB and Charles Denyer
Charles Denyer is a member of NDB, a nationally recognized firm specializing in Regulation AB, Service Organization Control (SOC) reporting (SSAE 16, AT 101, Trust Services Principles | TSP), ISAE 3402, FISMA, NIST, HIPAA, ISO and PCI DSS compliance, along with many other regulatory compliance initiatives. He is also actively involved in numerous professional associations and organizations for a wide range of industries and business sectors, such as the American Nuclear Society (ANS), ISACA, and the Cloud Security Alliance (CSA), just to name a few.
Additionally, Charles holds numerous accounting and technology certifications along with a Masters in Information and Telecommunication Systems from the Johns Hopkins University and a Masters in Nuclear Engineering from the University of Tennessee at Knoxville. He has a keen interest in all topics related to information security, national security and homeland defense, and conducts independent research projects on specific subject matter for various entities. He can be reached at email@example.com or at 800-277-5415-ext.705.