...is what you must endure if you are keeping a soft copy of credit card records (as an American business entity). PCI stands for Payment Card Industry and there is a Payment Card Industry Data Security Standard. I went to the Dallas Day of Dot Net convention this weekend and ran into a guy there from Improving who said that Improving has done PCI audits for companies to preflight their processes in advance of the real audits from Uncle Sam. Some links:
- http://www.cio.com.au/article/400307/understanding_pci_compliance_auditing/
- http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
Addendum 7/30/2014: Uncle Sam does not do PCI audits. See: this and this