Risk, Readiness and Redundancy: PCI Compliance Automation With Symantec Control Compliance Suite
For most of this decade, the major credit card companies have been aggressively developing standards to establish a common approach to protect the privacy and security of sensitive credit card data. In June 2001, Visa mandated the Cardholder Information Security Program (CISP) for merchants and financial institutions handling its card transactions. In June 2004, MasterCard International introduced its Site Data Protection (SDP) program. Also in 2004, MasterCard, Visa, American Express, Discover, Diner's Club and JCB launched the Payment Card Industry (PCI) Data Security Standard (DSS) for all merchants and service providers that handle, transmit, store or process a "Primary Account Number" (PAN) of one of their cards.