Evolving Challenges of PCI Compliance

Charlie Wood, PCI QSA, CRISC, CISA
Principal, The Bonadio Group
January 10, 2014

Agenda
What is PCI?
Evolution of PCI
What is PCI DSS?
Compliance
What does this mean to me?
Recent Breach of Target
Q & A

What is PCI?
The Payment Card Industry (PCI) standard is a set of requirements designed to ensure that ALL organizations that store, process, or transmit cardholder data do so in a secure environment.
The PCI Security Standards Council was founded in 2006 by the major card brands:
Each card brand has input into the guidance provided by the Council.
A credit card as defined by the Council is any card that is backed by a major card brand, including but not limited to:
The PCI Security Standards Council is responsible for the oversight of the PCI Standards, which include guidance relative to the following:
Levels are based on the number of transactions. Visa defines them as follows:
Types are defined by how your organization takes credit cards and are broken down as follows:
Based on the volume of transactions, organizations would be required to perform the following: