Educause Security Discussion mailing list archives
Re: PCI DSS Review - 40 Hours?
From: Drew Perry <aperry () MURRAYSTATE EDU>
Date: Tue, 24 Apr 2012 11:56:56 -0500
Do you mean from the ground up? Has your organization begun/completed PCI compliance previously? I'm at the Treasury Institute's PCI workshop this week and I can say, unless you have very few Merchant ID's, and they're all SAQ A or B, then no. You won't complete it in 40 hours. My colleagues at the University of Kentucky have been working toward PCI compliance for 4 years. They're about 85% done. Sent from my phone. Drew Perry Security Analyst Murray State University (270) 809-4414 aperry () murraystate edu On Apr 24, 2012 12:31 PM, "Dan Sarazen" <dsarazen () brandeis edu> wrote:
Hi All, I’ve been asked to conduct a PCI DSS review in 40 hours. Anyone think that’s responsibly doable? Also, does anyone have a PCI DSS Audit plan? Many Thanks! Dan Sarazen Senior IT Auditor The Boston Consortium for Higher Education Brandeis University, Mailstop 110 Phone: 781-736-8703 Cell: 781-296-4444 Fax: 781-736-8706
Current thread:
- PCI DSS Review - 40 Hours? Dan Sarazen (Apr 24)
- Re: PCI DSS Review - 40 Hours? Drew Perry (Apr 24)
- Re: PCI DSS Review - 40 Hours? Lorenz, Eva (Apr 24)
- Re: PCI DSS Review - 40 Hours? Radford, Jennifer (Apr 24)
- Re: PCI DSS Review - 40 Hours? Lorenz, Eva (Apr 24)
- Re: PCI DSS Review - 40 Hours? Rich Graves (Apr 24)
- Re: PCI DSS Review - 40 Hours? Jon Young (Apr 24)
- Re: PCI DSS Review - 40 Hours? Dan Sarazen (Apr 24)
- Re: PCI DSS Review - 40 Hours? Michael Johnson (Apr 24)
- Re: PCI DSS Review - 40 Hours? Valdis Kletnieks (Apr 24)
- Re: PCI DSS Review - 40 Hours? Jon Young (Apr 25)
- Re: PCI DSS Review - 40 Hours? Dan Sarazen (Apr 24)
- Re: PCI DSS Review - 40 Hours? Brad Judy (Apr 24)
- Re: PCI DSS Review - 40 Hours? Drew Perry (Apr 24)
- Re: PCI DSS Review - 40 Hours? Marcum, Chad A (Apr 24)