As a good QSA will tell you, such security standards are meant to be a baseline. Good organizations go beyond cramming for annual PCI reviews.

WHAT IS PCI? The Payment Card Industry Data Security Standards “are the floor, not the ceiling” for data security, says Martin McKeay, a qualified security assessor (QSA) and author of the Network Security Blog.

COMPLIANCE IS ONLY PHASE ONE. McKeay says some merchants only do the minimum to comply with PCI and thinks QSAs need to teach businesses that these standards are only a baseline. “There are those who see it as a pain.”

ASSESSMENTS CAN BE SUBJECTIVE. McKeay emphasizes that PCI assessments aren’t clear-cut audits because many standards are open to interpretation. That makes it doubly important that you establish a good relationship and clear lines of communication with your QSA.

NARROW THE SCOPE, IF POSSIBLE. You are required to assess every network and system that comes in contact with credit card data. You can save yourself headaches by segmenting your network to keep that number to a bare minimum.

ALLOW SUFFICIENT TIME FOR AUDITS. If you don’t allow time for the QSA to review your documentation, as well as for you to remedy any problems, you could put yourself in the position of begging your bank for an extension.