PCI Maturity Levels

1. Low

  • Discover card holder data processing, transmission and storage
  • Discover third party card holder data sharing
  • Discover all systems in CDE (Card holder Data Environment)
  • Discover all 3 components of PCI scope (mentioned above in item b) including third parties, impacting card holder data security
  • Define the full inventory of the PCI scope based on the discovery and the perimeters
  • Perform a gap assessment to identify required PCI DSS controls not in place
  • Documentation in order to to provide inputs to later phases, and to support the PCI yearly assessment

2. Moderate

3. Strong

--

--

--

Information Security Expert, Cyber Security Engineer, Blogger, Mentor, PCI SME, CISM, CISA, CRISC, RHCSA, MCSE, CCNA, MBA, PMP, CLSSGB

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ben Pournader

Ben Pournader

Information Security Expert, Cyber Security Engineer, Blogger, Mentor, PCI SME, CISM, CISA, CRISC, RHCSA, MCSE, CCNA, MBA, PMP, CLSSGB

More from Medium

Keep Pace with Kubernetes Storage Demands

Enterprise Security, the missing link.

Defence in depth the ancient Greek way

2011–2021 A decade of public cloud

Magalix + Weaveworks: Forging the Path of Secure GitOps Workflows