funsec mailing list archives
Re: PCI compliance
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Fri, 3 Apr 2009 17:37:52 -0800
Date sent: Fri, 03 Apr 2009 23:18:00 +0100 (BST) From: Drsolly <drsollyp () drsolly com>
The logic is impeccable. PCI DSS is only concerned about data kept in electronic form. By using pencil and paper, he remains PCI DSS compliant.
I agree that, in terms of compliance, the logic works. It reminds me of ISO27k in that regard: if you are troubled by any particular vulnerability, and don't want to fix it, just ask to have it (or related system) removed from scope ... ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Beware of all enterprises that require a new set of clothes. - Henry David Thoreau http://victoria.tc.ca/techrev/rms.htm http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade http://blogs.securiteam.com/index.php/archives/author/p1/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 02)
- Re: PCI compliance Drsolly (Apr 03)
- Re: PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 03)
- Re: PCI compliance Drsolly (Apr 04)
- Re: PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 03)
- Re: PCI compliance Drsolly (Apr 03)