Please feel free to use this “compliance dashboard” spreadsheet to sustain your PCI compliance journey.

 

It encompasses:

  • A table of contents and navigation links (NEW)
  • A "Scope" sheet allowing you to define the Card Data Environment (CDE) (NEW)
  • An Executive summary showing your progress on your PCI compliance journey based on the selected merchant type (UPDATED)
  • The ability to hide/unhide non-applicable requirements associated with the selected merchant type (NEW)
  • Graphs (Compliance % and Severity Level per requirement) (UPDATED)
  • Documentation sheet - List of your documentation (technical, policies and procedures) related to PCI. (NEW)
  • All PCI DSS requirements grouped by section
  • Guidance associated with each requirement
  • The major observation points from the 2011 Verizon PCI Compliance report for each requirement
  • The PCI Glossary
  • The participants list (NEW: renamed to "PCI Team")
  • The list of merchant types
  • The compensating controls documentation sheet
  • The Validation Instructions for QSA/ISA for each requirement
  • Indication of "relevance" by merchant types (A, B, C, C-VT, D). "1" indicates that the requirement is relevant.
  • Priority level or milestones from the “prioritized approach” (1-6)
  • A column "In Place" (Yes/No/Compensating control Present)
  • A column "Severity", equal to the PCIco priority level for requirements that are not in place (NEW)
  • A column "Stage of implementation (if not in place)"
  • A column "Estimated date for completion"
  • A column "Proofs/Documentation/Comment"
  • A column "Remediation plan" (what must be done)
  • A column "Owner" (the individual or department in charge) (NEW: association with the PCI Team)
  • A column "SANS Top 20 Critical Security Controls" matching sub-controls for each PCI requirement wherever possible (NEW)
  • A sheet "SANS-PCI" listing all SANS Top 20 Critical Security Controls and sub-controls together with the PCI requirements partially or fully matching the sub-controls, plus the % of match for each SANS control (NEW)
  • Links to the PCI 30 seconds newsletters (UPDATED)


https://community.rapid7.com/docs/DOC-1512

Check out the PCI 30 seconds newsletter #20 – PCI DSS and SANS Top 20 Critical Security Controls: The Sumo match. And get access to the detailed analysis paper.

https://community.rapid7.com/community/infosec/blog/2012/06/11/pci-30-seconds-newsletter-18-pci-versus-sans-or-minimum-versus-critical
