Risk Assessments Aligned to the PCI DSS Standard
19th June 2020
Industry-leading information security risk management specialist InfoSaaS have today introduced an additional information asset template following several requests from our user community. The new “Payment Card Data” template joins several other information asset frameworks which are made available to InfoSaaS users, and provides a specific focus on the twelve requirements of the Payment Card Industry (PCI) Data Security Standard (DSS). With payment card data facing a unique combination of threats and vulnerabilities, primarily to its confidentiality, each of the PCI requirements has been mapped onto suggested controls from Annex A of ISO27001:2013.
Martin Poole, Head of GRC Practice at InfoSaaS, noted “Whilst it has always been possible to thoroughly risk assess valuable payment card data within InfoSaaS, this latest enhancement provides our customers with a more focused approach to the PCI DSS requirements. Initial feedback from our user community is that this is helping to increase understanding of how ISO27001 controls can be used to reduce risks to payment card processing, storage and transmission, and further improves the security posture of our customers”.
Visit www.infosaas.com to find out more about our secure cloud-based GRC solutions, and to explore a demonstration instance for yourself within minutes.