Advertisement

PCI DSS pp 147-194 | Cite as

Risk Management vs. Compliance – The Differentiator

  • Jim Seaman
Chapter
  • 27 Downloads

Abstract

Although the current version of the PCI DSS integrated security controls framework incorporates the requirement for entities to implement an annual risk assessment process, where critical assets, threats, and vulnerabilities are identified and the results analyzed and formally documented, this is often seen as a one of tick box control within their compliance program.

Copyright information

© Jim Seaman 2020

Authors and Affiliations

  • Jim Seaman
    • 1
  1. 1.CastlefordUK

Personalised recommendations