ITSS 4370 Lecture Notes - Lecture 11: Payment Card Industry Data Security Standard, Vulnerability Management, Cobit

Information Security
HIPAA
Laws to secure protected health information or patient health data
Audit
PCI DSS
Payment Card Industry Data Security Standard
Set by the major credit card issuers; applies to companies that accept, store, or process cardholder data
Goals (Have requirements in each goal)
Build and maintain a secure network and systems
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
How to Comply with PCI DSS
Defined specific requirements for compliance validation and reporting
Process validation
National Institute of Standards and Technology (US Department of Commerce)
NIST: The National Institute of Standards and Technology
Framework for cyber security
Framework
APQC Process Classification Framework (PCF)****
Most used process framework in the world
Common language for organizations
Free
APQC PCF Categories
Develop Vision and Strategy
Develop and manage Product and Services
Market and Sell Products and Services
Deliver Physical Products
….
ISO on IT Governance
ISO/IEC 38500:2015 Information technology - Governance of IT for the organization
Direct, Evaluate, Monitor
COBIT 5
COBIT Framework
Document Summary

How to comply with PCI DSS: defined specific requirements for compliance validation and reporting, process validation. National Institute of Standards and Technology (US Department of Commerce): NIST: the National Institute of Standards and Technology, framework for cyber security. APQC Process Classification Framework (PCF)***: most used process framework in the world, common language for organizations, free. APQC PCF categories: develop vision and strategy, develop and manage product and services, market and sell products and services, deliver physical products. ISO/IEC 38500:2015 Information technology - Governance of IT for the organization: direct, evaluate, monitor. COBIT 5: 5 principles, way of dealing with control, 1. Meeting stakeholder needs: create value for their stakeholder, 2. Governance and management: governance ensures that enterprise objectives are achieved by evaluating. Now one complete business framework: audit, control, management, governance of enterprise IT. Logistics: sessions 1 14, MC and written responses, exm.
