PCI DSS V3.0: Understanding Recent Updates and Ensuring Compliance
Overview: The Knowledge Group has assembled a panel of key thought leaders to provide the audience with an in-depth analysis of PCI DSS V3.0 aimed at understanding the recent updates and ensuring compliance.
Some of the Major Topics that will be covered in this course are:
• PCI DSS V3.0: An Overview
• Issues Surrounding PCI DSS V3.0
• Compliance and Best Practices
• Up-to-the-Minute Regulatory Updates
Yusuf Musaji, CPA, CITP, CFF, CISSP, CGA, CGMA, QSA, PA-QSA, PCIP, President & CEO
Yusufali & Associates, LLC
- Implementing PCI DSS into Business-as-Usual Processes
New section to provide “business as usual” guidance for implementing security into business-as-usual (BAU) activities to maintain on-going PCI DSS compliance.
Sampling of Business Facilities/System Components
- PCI DSS Assessment Process
Updated section to focus on assessment process rather than documentation.
- PCI DSS Requirements and Security Assessment Procedures
Added language to define the column headings in this section, and removed references to “In Place,” “Not In Place” and “Target Date/Comments” columns.
- For the security policies and daily operational procedures (formerly requirements 12.1.1 and 12.2), assigned a new requirement number and moved requirements and testing procedures into each of Requirements 1-11.
Seth C. Harrington, Attorney
Ropes & Gray LLP
- The PCI DSS is not a self-enforcing set of standards; rather, the obligation to comply with the PCI DSS arises largely from the interrelated contractual relationships involving the major payment card brands, financial institutions acting as acquiring banks, and merchants and other entities that contract with those entities to handle payment card data.
- Certain revisions implemented in the change from PCI DSS v2.0 to v3.0 reflect a potential expansion of the scope of an entity’s obligation to comply with the PCI DSS.
- Specifically, this applies to the revisions regarding (1) network segmentation and (2) the use of third parties; these changes likely reflect the circumstances of recent data security incidents.
Who Should Attend:
- Executive Management, General Counsel, Risk & Finance
- Privacy and Data Security Lawyers and Consultants
- Banking and Finance Attorneys
- Corporate Financial Officers
- IT Security Officers
- Technology Attorneys
- Security Operations
- Compliance, Risk and IT Officers
- Financial Crime Attorneys & Consultants
Yusuf Musaji is the Founder and CEO of Yusufali & Associates (Y&A). Y&A (www.ya-cpa.com) is an ISC2, PCIDSS, PCAOB and AICPA registered USA based CPA public accounting firm specializing in Audits and Consulting including Payment Card Compliance, SSAE16, Internal and Management Audits and is exclusively dedicated to providing these Services to the small to midsize businesses (SMB) in the United States and Internationally. Its focus remains consistent; proactively helping its clients attain superior long-term profitability and growth through well managed and well controlled Technology, Systems and Processes.
Yusuf Musaji is widely published in IT, Financial and Security journals regarding IT/User relationships, and has authored two books, Auditing and Security, AS/400, Windows, UNIX, Networks and Disaster Recovery Plans, and Auditing the Implementation and Operation of ERP Systems.
Seth Harrington focuses his practice on complex business litigation, including the wide array of legal issues arising out of data security breaches. In particular, Seth has extensive experience representing clients in connection with claims by credit card brands and financial institutions relating to payment-card related data breaches. Seth works with clients to manage the forensic investigation of a breach and to respond to litigation and regulatory inquiries. Additionally, Seth works with attorneys in the Privacy and Data Security Counseling group in connection with advising clients on the Payment Card Industry Data Security Standards and negotiation of agreements implicating payment card data.
Print and review course materials
Method of Presentation:
NASBA Field of Study: Specialized Knowledge and Applications
NY Category of CLE Credit:
About Yusufali & Associates, LLC
Yusufali & Associates, LLC (www.ya-cpa.com) is an ISC2, PCIDSS, PCAOB and AICPA registered USA-based CPA public accounting firm specializing in Audits and Consulting including Payment Card Compliance, SSAE16, Internal and Management Audits and is exclusively dedicated to providing these Services to small to midsize businesses (SMB) in the United States and Internationally. Its focus remains consistent: proactively helping its clients attain superior long-term profitability and growth through well-managed and well-controlled Technology, Systems and Processes.
Yusufali & Associates (Y&A) is also registered with FINRA and provides Audit Services to Broker Dealers. It also has a Trusted Advisory Partnership relationship with AXA Advisors, LLC and performs 401(k) Audits for its clients.
Y&A’s commitment to excellence is unsurpassed in the industry, and every Y&A engagement is executed with an absolute minimum disruption to their staff.
About Ropes & Gray LLP
Ropes & Gray LLP is a leading global law firm with offices in New York, Washington, D.C., Boston, Chicago, San Francisco, Silicon Valley, London, Hong Kong, Shanghai, Tokyo, and Seoul. Built on a foundation of more than 140 years of forging strong client relationships, Ropes & Gray has over 1,000 lawyers and professionals representing interests across a broad spectrum of industries in corporate law and litigation matters, as well as counseling on labor and employment issues, tax and benefits, creditors’ rights, and private client services. The firm’s clients include leading industrial companies, financial institutions, government agencies, hospitals and health care organizations, colleges and universities, as well as families and individuals.