PCI DSS Compliance Policy

The PCI DSS Policy Manual (PDPM) is an evolution of our successful Information Security Policy Manual (ISPM). The PDPM was developed based on requests from Merchant Service Providers (MSPs), IT consultants, and merchants for a cost-effective solution to meet the needs of smaller merchants.

The PDPM is a streamlined version of the ISPM, focusing solely on the twelve (12) sections of the Payment Card Industry Data Security Standard (PCI DSS). This is ideal for businesses that must be compliant with the PCI DSS and state breach laws, but not Federal laws, such as HIPAA, FACTA, GLBA, and SOX.

PCI DSS Security Policy

[click on an image to see an example]

If PCI DSS compliance is your only compliance concern, the PDPM is a good solution for your needs. If you still have any questions about what other compliance requirements you may fall under, please contact us for a no-cost needs assessment. We routinely work with businesses to assess their needs. Our goal is to have your business properly protected, so we want to help.

The ramifications for non-compliance with the PCI DSS are quite severe. In addition to fines from the PCI members, you will be held liable for all fraudulent charges, you must pay for a forensic investigation to determine the cause of the breach, you will be elevated to a higher (and far more expensive) reporting category, and insurance will not cover any of these expenses. That does not include possible lawsuits from former clients that will sue over having their credit or debit card information breached. This is a situation where an ounce of prevention is immensely less than a pound of cure!

Copyright 2005-2009. All rights reserved.
iSecurityPolicy.com is a division of BlackHat Consultants, LLC. BlackHat Consultants, LLC is Veteran owned.
We are proud to support other small & medium businesses that help make this a great country.