Better Stay On Top of Those CPE's Ok for a person that is as organized as I am to not stay on top of his CPE's the way I did is strange. Couple that with the fact that I got audited not once, but twice over the last 3 months by both ISACA and ISC2 (I soon after went out and bought a lottery ticket), and I realized I was not as prepared as I should have been. Now it has been hard the last 3 years to get out to training events, meetings, etc., work and travel have prohibited... Continue reading

Part Five - Selecting a QSA! This is the fifth chapter in a series about preparing for and going through a PCI assessment;... 1. Part One - Intro to a PCI on-site assessment & the QSA selection process 2. Part Two - Preparation for an on-site assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI On-site Assessment RFP 5. Part Five – Selecting a QSA to conduct an on-site PCI assessment 6. Part Six – Preparing your Company and I.T. department for the... Continue reading

Part Four - Authoring your PCI on-site assessment RFP This is the fourth chapter in a series about preparing for and going through a PCI assessment;... 1. Part One - Intro to a PCI on-site assessment & the QSA selection process 2. Part Two - Preparation for an on-site assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI On-site Assessment RFP 5. Part Five – Selecting a QSA to conduct an on-site PCI assessment 6. Part Six – Preparing your Company and I.T.... Continue reading

Part Three - Defining your scope so you know what you're assessing This is the third chapter in a series about preparing for and going through a PCI assessment;... 1. Part One - Intro to a PCI on-site assessment & the QSA selection process 2. Part Two - Preparation for an on-site assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI On-site Assessment RFP 5. Part Five – Selecting a QSA to conduct an on-site PCI assessment 6. Part Six – Preparing your... Continue reading

Part Two - Preparation for on-site assessment! This is the second chapter in a series about preparing for and going through a PCI assessment;... 1. Part One - Intro to a PCI on-site assessment & the QSA selection process 2. Part Two - Preparation for an on-site assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI On-site Assessment RFP 5. Part Five – Selecting a QSA to conduct an on-site PCI assessment 6. Part Six – Preparing your Company and I.T. department for... Continue reading

Part One - Introduction to a PCI on-site assessment This is the first chapter in a series about preparing for and going through a PCI assessment; 1. Part One - Intro to a PCI on-site assessment & the QSA selection process 2. Part Two - Preparation for an on-site assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI On-site Assessment RFP 5. Part Five – Selecting a QSA to conduct an on-site PCI assessment 6. Part Six – Preparing your Company and I.T.... Continue reading

Part One - Introduction to a PCI onsite assessment This is the first chapter in a series about preparing for and going through a PCI assessment;… 1. Part One - Introduction to PCI onsite assessment & QSA selection process 2. Part Two - Preparation for an onsite assessment and what to do first! 3. Part Three - Defining your scope so you know what you’re assessing 4. Part Four - Authoring a PCI Onsite Assessment RFP 5. Part Five – Selecting a QSA to conduct an onsite PCI assessment 6. Part Six – Preparing your Company and I.T. department for... Continue reading

Credit Card Brands Lack of Communication As most of you in the world of PCI already know MasterCard once again threw another grenade this past week with several PCI enforcement rule changes, this article is not about those changes (see MasterCards 2 Step) for that discussion. I want to discuss the card brands communication/dissemination of PCI rule changes, or lack thereof! I know this is an area we are all in agreement.For example when any of the card brands do make rule changes in how they enforce PCI, they do not seem to have a defined process on how they... Continue reading