Cart 0
Auditing Your Payment Cards Processes, Systems and Applications: A Step By Step PCIDSS Compliant Audit Program: A Practice Guide For Payment Card

Auditing Your Payment Cards Processes, Systems and Applications: A Step By Step PCIDSS Compliant Audit Program: A Practice Guide For Payment Card

ISBN: 9781521799222
Publisher: Independently published
Publication Date: 2017-07-31
Number of pages: 24
Any used item that originally included an accessory such as an access code, one time use worksheet, cd or dvd, or other one time use accessories may not be guaranteed to be included or valid. By purchasing this item you acknowledge the above statement.
$78.68

Despite investment made by businesses that process, store, transmit and access cardholder information in the area of security, data breaches have continue to occur in a disturbing scale leading to loss of funds by cardholders, financial institutions and insurance companies. Players in the payment cards ecosystem such as the card brands (American Express®, Discover®, JCB, MasterCard®, VISA®, Union Pay® and Verve®), card issuers, terminal owners/acquirers, processors and payment switches have suffered losses and reputational damages due to inadequate security controls, process flaws as well as poor monitoring and oversight by those who are saddled with the responsibility to do so. Where vulnerabilities are left unaddressed, chances are that fraudsters and attackers could exploit them to their advantage. As the cyber security space evolves, fraudsters and attackers have continued to change their techniques of committing cybercrimes to maintain an edge. Credit, debit and prepaid card data have been stolen from unsuspecting cardholders through various scheming and fraudulent means. Personal Identification Number (PIN) information associated with credit and debit cards that serve as the last point of defense for chip cards has been stolen and used to commit fraud. Concerned business have failed to comply with relevant information security and control standards such as Payment Card Industry Data Security Standard (PCI DSS), Payment Applications Data Security Standard (PADSS), ISO 27001 and ISO 22301 as best practice. The objective of this practical guide is to offer the reader a step by step guide on how to carry out the audit/review of the payment cards processes, systems and applications to provide that needed assurance to stakeholders (management, investors and regulators) on the adequacy and effectiveness of controls in the payment cards processes and systems. Businesses that process, store, transmit and access cardholder information as a matter of corporate governance and regulation perform audit of the payment cards processes, systems and applications in a defined cycle. However, the personnel (Information Systems Auditors, Information Security Practitioners, IT Risk Managers, Card Product Managers, CIO, CISO, CTO) carrying this audit burden have sometimes fallen short in their responsibilities with its attendant impact on the confidentiality, integrity and availability of cardholder information. This book will close this gap by showing the reader how to carry out the audit testing as well as control failures/vulnerabilities to look out for in the area of payment card policies, processes, applications, databases, change management, redundancy and data backup, vendor management and third party services, encryption key management, terminal security, network security, vulnerability management, operating systems security, credit card portfolio management, card operations (priming, production, stocking & distribution), instant card issuance, reissuance among others. The primary audience is operational stakeholders (IT security managers, IT risk managers, IT managers, business managers and IT auditors) who are responsible for developing, implementing, operating, managing or reviewing the controls, technology and processes that are required to secure the system and comply with relevant industry standards (PCIDSS, PADSS, ISO 27001).

Customer Reviews


Share this Product


More from this collection