PCI DSS: Improving Internal and External Relationships
The Payment Card Industry Data Security Standard (PCI DSS) is a set of comprehensive requirements for enhancing payment card data security. The standard was developed by the founding payment brands of the PCI Security Standards Council (PCI SSC), including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
Constant changes to the PCI DSS, the lack of clarification from the Standards Council on areas such as end-to-end encryption and inconsistent advice from QSAs make understanding how PCI can work in merchant organisations increasingly difficult.
In this one-day workshop The Corporate IT Forum teamed up with industry experts, well-known and trusted suppliers and members of the standards council to understand how organisations can make the standard work to their best advantage. Bringing together the perspectives of merchants, acquirers and QSAs, the ‘PCI DSS: Improving Internal and External Relationships' event aimed to define and improve relationships between internal teams working on PCI and external partners. The event also asked important questions about whether it is better to train and assess internally or outsource and use external providers.
This workshop included a presentation on Payment System Risk from Shane Balfe, AIS Technical Manager with Visa Europe, and a presentation by Philip Whittaker, Information Security & Governance Manager at Onformonics about Projects, Programmes, Pitfalls and the Management of Risk. Presentations delivered by Neira Jones, Head of Payment Security at Barclaycard and Eamonn Skyrme, Senior Manager, PCI Compliance & Scheme Management at RBS WorldPay, covered Acquirers and Compliance.
The workshop concluded with focused round table member-only discussions. This event was attended by 35 senior professionals from 23 organisations at various stages of implementing PCI DSS compliance programmes within their organisation, which represents a wide cross section of industry sectors.
"Just wanted to say thanks; another great day where I have come out with more knowledge than I entered with"
"Many thanks; [the event was] very good and beneficial"
"I have never not found a day interesting"
"The Corporate IT Forum is a fantastic level check, free of vendor sell and consultancy hype. I like the open sharing of experience…"
"We get valuable knowledge and experience from members of The Corporate IT Forum. This helps us to make better and informed decisions to reach our business goals…"
"The knowledge from other people on what they are doing/have done is invaluable to my team"
"The workshop validated the marketplace for supplier apps; participants were of a uniformly high standard; personally, I value highly the ethos of the Forum in the fact that it is supplier independent"