The University of Sydney
Page 34

PCI DSS
– Payment Card Industry Data Security Standard
– Applies to all entities which store, process and/or transmit cardholder data.
– Security standard that includes requirements for security management, policies, procedures
– Primarily deals with account data protection
– Facilitate broad adoption of consistent data security measures globally
– Defines the foundations of PCI DSS
– Applies to all system components (network, server, application)
– Also covers services out-sourcing
– Provides self-assessment questionnaire
– Qualified Assessors, Integrators and resellers
– Approved Products & Services
– Provides guidance for testing compliance
– https://www.pcisecuritystandards.org/