Risk Assessment – Milestone # 1 for PCI Compliance

Upload: smart-assessment

Post on 30-Jun-2015

DESCRIPTION

Risk Assessment has been given a lot of emphasis in the new PCI DSS 2.0.

TRANSCRIPT

Risk Assessment – Milestone # 1 for PCI Compliance

www.smart-ra.com

PCI and Risk Assessment

• The PCI Council is acknowledging and emphasizing the need for formal risk assessment in the new PCI DSS 2.0.

• Requirement 12.1.2 emphasizes the need for a formal and structured risk assessment methodology for PCI Compliance.

Requirement 12.1.2 of PCI 2.0

Requirement 12.1.2 emphasizes the need for a structured and formal risk assessment methodology.

• “Requirement 12.1 Establish, publish, maintain, and disseminate a security policy that accomplishes the following:

• Requirement 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a formal risk assessment. (Examples of risk assessment methodologies include but are not limited to OCTAVE, ISO 27005 and NIST SP 800-30.)”

Risk Assessment – Milestone # 1

• Risk Assessment is Milestone 1 in the new Prioritized Approach to PCI Compliance

• Reference: https://www.pcisecuritystandards.org/documents/Prioritized_Approach_V2.0.pdf

Find out More

• Attend a free webinar on why you need a formal risk assessment for PCI Compliance.

• Click here to register before slots run out

https://www3.gotomeeting.com/register/112699998
