PCI DSS Best Practices


Businesses and organizations in the United States are required to comply with applicable regulations and mandates within their industry vertical. These requirements evolved from unsafe or illegal actions perpetrated within the various industries. Not all businesses are required to comply with all laws and regulations, only the ones that are applicable. As an IT professional, you are responsible for understanding what laws, regulations, and mandates pertain to your business and industry to ensure the appropriate safeguards are in place to prevent or reduce risk. Having a good relationship with management is essential in order to reduce risk, as most managers control the departmental budget but may not understand the requirements or what is needed to implement appropriate safeguards to meet compliance. You may need to share your knowledge and experience with management to make them aware of the risks and to secure the appropriate financial budget for procurement of the required safeguards.

Specifically, the following critical elements must be addressed:

Identify appropriate best practices of PCI DSS specific to the company’s IT environment.
Identify the touch points between the objectives and requirements of PCI DSS and the company’s IT environment.
Determine appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements.
Justify your reasoning for each identified best practice.
Create a report to management that is concise in form, but comprehensive in scope.

PCI DSS Best Practices

At the request of several long-term clients, and to reduce the time it takes to fund a marketing project, Limetree’s senior management has recently decided to accept corporate credit cards. This is a new process and will require that Limetree comply with PCI DSS requirements. While PCI DSS is a private standard, compliance is required if an organization wants to accept credit cards.

As an IT professional of the company, you should make recommendations to IT management to implement best practices of PCI DSS.

ISE 510 Module Two Short Paper Guidelines and Rubric
You will review the scenario provided and, using the module resources, complete a short paper addressing the prompt provided below.
What to Submit
Prepare a brief report of your findings for senior management to review. The report must be submitted as a 1- to 2-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins.
Any sources used must be cited in APA format.
Module Two Short Paper Rubric

PCI DSS Best Practices
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Identifies appropriate best practices of PCI DSS specific to the company’s IT environment
Needs Improvement (55%): Shows progress toward proficiency, but with errors or
Not Evident (0%): Does not attempt critical element

Touch Points
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Identifies touch points between objectives and requirements of PCI DSS and company’s IT
Needs Improvement (55%): Shows progress toward proficiency, but with errors or
Not Evident (0%): Does not attempt critical element

Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Determines appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements
Needs Improvement (55%): Shows progress toward proficiency, but with errors or
Not Evident (0%): Does not attempt critical element

Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Justifies reasoning for each chosen best practice
Needs Improvement (55%): Shows progress toward proficiency, but with errors or
Not Evident (0%): Does not attempt critical element

Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Creates a report that is concise in form, but comprehensive in scope
Needs Improvement (55%): Shows progress toward proficiency, but with errors or
Not Evident (0%): Does not attempt critical element

Articulation of Response
Exemplary (100%): Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format
Proficient (85%): Submission has no major errors related to citations, grammar, spelling, syntax, or organization
Needs Improvement (55%): Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas
Not Evident (0%): Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of
