Security Standards White Papers

Using ISO 27001 for PCI DSS Compliance

Overview The Payment Card Industry Data Security Standard (PCI DSS) isn't dramatically different to the requirements of the best practice security standard - ISO 27001, except that PCI doesn't mention any of the prerequisites required for a management framework, e.g. management commitment, scope definition, security awareness training, ongoing improvement plans, whereas ISO 27001 omits a lot of the detail around how controls are actually implemented. So therefore, one could be forgiven for believing that MasterCard and Visa assumed PCI would contain additional security requirements to sit on top of an already established Information Security Management System (ISMS).

Further White Paper Details
PublisherSiemens File FormatPDF
Date PublishedFebruary 2007
FormatWhite Papers   
Topics
  • Download White Paper
  • Yes, useful No, not useful Did you find this white paper useful?

Microsoft FDCC Webcast Series: Do It Right: Log in as Normal User

Download

FDCC requires that the typical user run as Normal User whenever possible; without this, a managed environment is practically impossible. For organizations that have given Local Administrator rights to their...

Gartner Report: Magic Quadrant for Secure Web Gateway, 2007

Download

Interested in what analyst firm Gartner has to say about Blue Coat Secure Web Gateway solutions? Read its "Magic Quadrant for Secure Web Gateway, 2007" report to find out....

Diffie-Hellman Key Exchange -- A Non-Mathematician's Explanation

Download

The Diffie-Hellman algorithm is one of the most common protocols used in networking today. An understanding of its underlying protocols and processes helps a great deal when trouble-shooting a system....

Segregation of Duties in the Real World: Risk-Based SoD Management With Continuous Monitoring Lowers Compliance Costs

Download

Segregation of duties in the real world demands top-down management that eliminates financial risk without adding overhead costs or extinguishing ERP-fueled efficiency gains of the last decade. Fortunately, auditors and...

Encryption Essential to Meet Information Security and Compliance Initiatives

Download

California's unique notice of security breach act (frequently called "S.B. 1386") and the Gramm-Leach-Bliley Act of 1999 (also known as "The Financial Services Modernization Act") are two major laws that...

  • Featured White Papers
Packeteer

Best in Class Organisations Use Packeteers WAN Optimisation Solutions


Independent research from the Aberdeen Group shows that the most successful enterprises are reaping the benefits of the Packeteer solution and are using it for competitive advantage.

Download

Siemens

Protecting key assets (security)


Key infrastructure elements must be secured against outages, damage and sabotage. Siemens offers comprehensive solutions from healthcare and power generation to water supply, transportation, and industrial production, to telecommunications.

Download

DataFlux

Getting Started with Master Data Management


Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Download

Childnet helps parents get web savvy

Childnet helps parents get web savvy

Case study: Gov't initiative to bridge digital divide more

More Public Sector

Travel site bookings fly when glitch fixed

Travel site bookings fly when glitch fixed

Case study: Testing software gives Thomson Holidays a boost more

More Retail & Leisure

Cheat Sheet: BBC iPlayer

Cheat Sheet: BBC iPlayer

Get the lowdown on Auntie's biggest online endeavour more

More WebWatch


Quick Sitemap Links: