Many merchants still have not addressed their PCI compliance obligations, or if they are currently in the middle of the process (or even completed it), are unaware of how to do it in a cost-effective way and get bogged down in the details.
- The focus should be on securing what is absolutely necessary, and that means that holding onto credit card information may not be required.
- PCI compliance is not just about technology. Organizations need an Action Plan that combines technology, policy, and training and awareness to ensure compliance success.
- PCI does not just belong to one department – it is an organization-wide responsibility, from finance, to IT, to employees who are at the forefront of actually handling the transactions.
This storyboard will help organizations determine the best strategies to achieve PCI compliance that are also the most cost effective.