PCI Maturity Levels

1. Low

  • Discover card holder data processing, transmission and storage
  • Discover third party card holder data sharing
  • Discover all systems in CDE (Card holder Data Environment)
  • Discover all 3 components of PCI scope (mentioned above in item b) including third parties, impacting card holder data security
  • Define the full inventory of the PCI scope based on the discovery and the perimeters
  • Perform a gap assessment to identify required PCI DSS controls not in place
  • Documentation in order to to provide inputs to later phases, and to support the PCI yearly assessment

2. Moderate

3. Strong

--

--

--

Information Security Expert, Cyber Security Engineer, Blogger, Mentor, PCI SME, CISM, CISA, CRISC, RHCSA, MCSE, CCNA, MBA, PMP, CLSSGB

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ben Pournader

Ben Pournader

Information Security Expert, Cyber Security Engineer, Blogger, Mentor, PCI SME, CISM, CISA, CRISC, RHCSA, MCSE, CCNA, MBA, PMP, CLSSGB

More from Medium

From Zero Abstraction to Island: It’s about time cybersecurity gets a restart

Nonviolent Communication for Security Teams

figure 0

Threat Intelligence as a Service

The Challenges of Cyber Culture Building Thought