Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Itci Itacl Pci 0321 Lb

Itci Itacl Pci 0321 Lb



|Views: 334|Likes:
Published by ken@dler,net
Auditor's Checklist: PCI Audit Compliance
Auditor's Checklist: PCI Audit Compliance

More info:

Published by: ken@dler,net on Mar 01, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Practical guidance on how to prepare for successful audits 
Payment CardIndustry (PCI)
Research Sponsor
Table of Contents
Executive Overview
Introduction to PCI4 What Are the Benefits of PCI Compliance?
The Auditor’s Perspective on PCI5 Why Audit?6 Who Is Responsible for PCI?9 Management’s Role in the Audit Process10 What Auditors Want To See11 Auditors Like…11 Auditors Don’t Like…
11 How Companies (Inadvertently orIntentionally) Help or Hinder Auditors
Who Should Talk to the Auditors?
PCI Audit Checklist14 Theme 1: Building and Maintaininga Secure Network Audit Testing15 Theme 2: Protecting Cardholder Data19 Theme 3: Maintaining a VulnerabilityManagement Program20 Theme 4: Implementing Strong AccessControl Measures21 Theme 5: Regularly Monitoring andTesting Networks22 Theme 6: Maintaining an InformationSecurity Policy23 Audit Reporting
Preparing for an Audit
Communicating with Auditors
AppendicesAppendix A: Glossary of Terminologyand AbbreviationsAppendix B: PCI Data Security StandardAppendix C: PCI Security Audit ProceduresAppendix D: PCI Self-Assessment Questionnaire
All design elements, front matter, and content are copyright © 2007 IT ComplianceInstitute, a division of 1105 Media, Inc., unless otherwise noted. All rights arereserved for all copyright holders.
No part of this publication may be reproduced, stored in a retrieval system, ortransmitted in any form or by any means, electronic, mechanical, photocopying,recording, scanning, or otherwise, except as permitted under § 107 or 108 of the1976 United States Copyright Act, without the prior written permission of thecopyright holder.
Limit of Liability/Disclaimer of Warranty: While the copyright holders, publishers,and authors have used their best efforts in preparing this work, they make norepresentations or warranties with respect to the accuracy or completeness ofits contents and specifically disclaim any implied warranties of merchantability orfitness for a particular purpose. No warranty may be created or extended by salesrepresentatives or written sales materials. The advice and strategies containedherein may not be usable for your situation. You should consult with a professionalwhere appropriate. Neither the publishers nor authors shall be liable for any lossof profit or any other commercial damages, including, but not limited to, special,incidental, consequential, or other damages.
All trademarks cited herein are the property of their respective owners.
 About the IT Compliance Institute
The IT Compliance Institute (ITCi) strives to be aglobal authority on the role of technology in businessgovernance and regulatory compliance. Throughcomprehensive education, research, and analysisrelated to emerging government statutes and affectedbusiness and technology practices, we help organizationsovercome the challenges posed by today’s regulatory environment and find new ways to turn complianceefforts into capital opportunities.ITCi’s primary goal is to be a useful and trusted resourcefor IT professionals seeking to help businesses meet privacy, security, financial accountability, and otherregulatory requirements. Targeted at CIOs, CTOs,compliance managers, and information technology professionals, ITCi focuses on regional- and vertical-specific information that promotes awareness andpropagates best practices within the IT community.
For more information, please visit: www.itcinstitute.com
Comments and suggestions to improve the IT Audit Checklists are always encouraged. Please send yourrecommendations toeditor@itcinstitute.com.

Activity (8)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
baranidharan .k liked this
mns_cali liked this
amikeliunas liked this
MR_Brooks liked this
vapt liked this
nirmal14503 liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->