PCI Risk Assessment

Meet the Risk Assessment Requirement 12.1.2 of PCI 2.0 with SMART Risk Assessment.

www.smart-ra.com

Published in: Technology, Economy & Finance

PCI Risk Assessment

  1. Risk Assessment for PCI Compliance [Mandatory as per Requirement 12.1.2] www.smart-ra.com
  2. • PCI 2.0 requires a formal and structured risk assessment methodology.
     • Meet the requirement with SMART
  3. Requirement 12.1.2 emphasizes the need for a structured and formal risk assessment methodology.
     • “Requirement 12.1 Establish, publish, maintain, and disseminate a security policy that accomplishes the following:
     • Requirement 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a formal risk assessment. (Examples of risk assessment methodologies include but are not limited to OCTAVE, ISO 27005 and NIST SP 800-30.)”
  4. Scope Establishment
     • Identify Assets
     • Identify Threats
     • Identify Vulnerabilities
     • Profiling: Add Controls
  5. • Search Assets
     • Bulk Upload of Assets
     • Use predefined Standard Assets
     • Enter CIA values of Assets to generate Asset Value
     • Simple view of Asset and Threat Mapping
     • Search and Find Threats
     • Search Vulnerabilities
     • Prioritize with Level of Vulnerability
     • Do Profiling by Location
     • Vulnerabilities are also considered in defining Controls
     • Integrate Action Management Module to implement Controls
  6. • Manage Incidents by applying relevant Controls
     • Assign Actions to Implement Controls or Manage Incidents
     • Create Surveys to identify organizational vulnerabilities
     • Represent findings with Survey Reports
     • Create and Manage Policy and Procedure documents.
     • Manage Document Review
     • Risk Assessment Report
     • Asset Report
     • Threat Report
     • BLSS Report, etc
     • Monitor your Organizational Risk Health
     • Measure Effectiveness of Controls
  7. • Meet RA requirements of PCI 2.0.
     • Use RA for preparation of PCI Compliance.
     • Reduce risks in your organization and improve security.
     • Also help in meeting ISO 27001 and other Risk Management Standards in one go…
     • Save 80% of your time and cost on risk assessment.
  8. www.smart-ra.com