ISE 510 Module Two Short Paper Guidelines and Rubric
Overview
You will review the scenario provided and, using the module resources, complete a short paper addressing the prompt provided below.
Prompt
Businesses and organizations in the United States are required to comply with applicable regulations and mandates within their industry vertical. These requirements evolved from unsafe or illegal actions perpetrated within the various industries. Not all businesses are required to comply with all laws and regulations, only the ones that are applicable. As an IT professional, you are responsible for understanding what laws, regulations, and mandates pertain to your business and industry to ensure the appropriate safeguards are in place to prevent or reduce risk. Having a good relationship with management is essential in order to reduce risk, as most managers control the departmental budget but may not understand the requirements or what is needed to implement appropriate safeguards to meet compliance. You may need to share your knowledge and experience with management to make them aware of the risks and to secure the appropriate financial budget for procurement of the required safeguards.
Specifically, the following critical elements must be addressed:
Identify appropriate best practices of PCI DSS specific to the company’s IT environment.
Identify the touch points between the objectives and requirements of PCI DSS and the company’s IT environment.
Determine appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements.
Justify your reasoning for each identified best practice.
Create a report to management that is concise in form, but comprehensive in scope.
Scenario
PCI DSS Best Practices
At the request of several long-term clients, and to reduce the time it takes to fund a marketing project, Limetree’s senior management has recently decided to accept corporate credit cards. This is a new process and will require that Limetree comply with PCI DSS requirements. While PCI DSS is a private standard, compliance is required if an organization wants to accept credit cards.
As an IT professional of the company, you should make recommendations to IT management to implement best practices of PCI DSS.
What to Submit
Prepare a brief report of your findings for senior management to review. The report must be submitted as a 1- to 2-page Microsoft Word document with double spacing, 12-point Times New Roman font, and one-inch margins. Any sources used must be cited in APA format.
Module Two Short Paper Rubric
| Criteria | Exemplary (100%) | Proficient (85%) | Needs Improvement (55%) | Not Evident (0%) | Value |
|---|---|---|---|---|---|
| PCI DSS Best Practices | Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner | Identifies appropriate best practices of PCI DSS specific to the company’s IT environment | Shows progress toward proficiency, but with errors or omissions | Does not attempt critical element | 18 |
| Touch Points | Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner | Identifies touch points between objectives and requirements of PCI DSS and company’s IT environment | Shows progress toward proficiency, but with errors or omissions | Does not attempt critical element | 18 |
| Implementation | Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner | Determines appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements | Shows progress toward proficiency, but with errors or omissions | Does not attempt critical element | 18 |
| Justification | Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner | Justifies reasoning for each chosen best practice | Shows progress toward proficiency, but with errors or omissions | Does not attempt critical element | 18 |
| Conciseness | Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner | Creates a report that is concise in form, but comprehensive in scope | Shows progress toward proficiency, but with errors or omissions | Does not attempt critical element | 18 |
| Articulation of Response | Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format | Submission has no major errors related to citations, grammar, spelling, syntax, or organization | Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas | Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas | 10 |
| Total | | | | | 100% |