Preparing for a PCI DSS Assessment

In this episode of InfoSec Insider, Alastair Stewart and Tibor Laczko, both Senior Consultants and Qualified Security Assessors (QSAs) at URM, share their perspective on how organisations can most effectively and efficiently prepare for a Payment Card Industry Data Security Standard (PCI DSS) assessment.  Alastair and Tibor leverage nearly 30 years’ combined experience with the PCI DSS to discuss:  

• Practical steps teams can take to ensure the assessment runs smoothly overall
• What you should have ready before your PCI DSS assessment is even booked and how to determine if your scope definition is clear enough
• What useable evidence looks like from a practical perspective, and whether to provide everything up front or respond as questions are asked
• When self-assessment questionnaires (SAQs) vs. full assessed engagements are needed, and what to keep from an SAQ in case a full engagement is required in the future
• What to do differently if this years’ assessment follows significant amounts of change
• And more.

Ask Alastair and Tibor a question: https://urmconsulting.com/podcasts/preparing-for-a-pci-dss-assessment

If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here:  https://ratethispodcast.com/infosecinsider      

You can find more episodes of InfoSec Insider here:  https://urmconsulting.com/podcasts      

Connect with us on LinkedIn  

Brought to you by URM, the UK’s leading information and cyber security specialists.