
Understanding PCI Compliance


Heriot Prentice presents "Understanding PCI Compliance" which answers the following questions:

- What is PCI Compliance?
- Why is it important?
- What are the risks?
- Who wants you to be compliant?
- How do you become PCI Compliant?

Understanding PCI Compliance

  1. Understanding PCI Compliance. Heriot Prentice, Vaco Orlando.
  2. Heriot Prentice. Over 28 years of proven management and consulting experience in internal auditing. This includes:
     - Audit Team Leader for the Scottish Office Audit Unit, Scotland's equivalent of the Government Accounting Office (GAO)
     - Senior Manager of Enterprise Risk Security (ERS) with Deloitte
     Heriot is also a Member and Distinguished Faculty Member of the Institute of Internal Auditors (IIA). He also led the creation and implementation of:
     - The GAIT Methodology
     - The Global Technology Audit Guide (GTAG)
  3. What is PCI Compliance? "The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID)." Source: PCI Compliance Guide.
  4. Why is it Important? If your business is PCI Compliant, you:
     - Protect your brand's reputation
     - Minimize the risk of security breaches and lost profit
     - Avoid fines and unnecessary fees
     - Create peace of mind for your customers
     - Prevent a loss of the ability to process credit cards
  5. What are the Risks? Potential costs of a breakdown in your company's security include:
     - Negative brand reputation and visibility
     - Up to $50,000 per breach in compliance fines
     - A number of miscellaneous fines based on variables specific to the event
     - Up to $35,000 per breach for a forensic examination
     - Card replacement costs for all accounts affected
  6. Who Wants You to be Compliant?
     - The Cardholder
     - The Acquirer (aka the Merchant Bank, ISO, credit card processor, etc.)
     - The brand of the credit card used for payment
  7. How Do You Become PCI Compliant? Six Steps to PCI Compliance:
     1. Know Your Business Environment and Potential Risks
     2. Stay Educated and Aware
     3. Implement Proper Security Measures
     4. Test and Monitor Systems
     5. Remediate any Problems
     6. Validate Compliance
  8. Contact Me. If you have a question or simply want to connect for a possible future project:
     - Email: hprentice@vacoorlando.com
     - LinkedIn:
     - Phone: (407) 712-7878
     - Cell: (407) 375-3182
     My Services: