Re: PCI Compliance Efforts

[Felecia Vlahos <fvlahos () COX NET>]

Jennifer,

Can you describe what you mean by "compliance efforts"?  1) Using a QSA,  
which ASV, project tools?  Or 2) merchant level, #MIDs, submitted  
attestations, compliance status, etc.?

For the set of questions in 2), this would be considered protected  
information, especially in a combined database.

Felecia Vlahos
ISO SDSU

On Fri, 14 Oct 2011 14:08:35 -0700, Radford, Jennifer  
<jradford () intaudit ubc ca> wrote:

> Hi,
>
>
> I am trying to benchmark PCI compliance efforts across north American  
> Higher Ed Institutions. I would be grateful if people could share their  
> insights in this area.
>
> Cheers,
>
>
> Jenny
>
>
> Jennifer Radford, Senior IT Audit Manager
>
> Internal Audit, UBC
>
> 6000 Iona Drive, Vancouver, BC Canada V6T 1L4
>
> Phone:  604-822-6512
>
> Fax:  604-822-9027
>
> E-mail:  Jradford () intaudit ubc ca
>
> Web:  www.intaudit.ubc.ca
>
> The information contained in this e-mail message is strictly  
> confidential and intended solely for the use of the designated  
> addressee(s). Any unauthorized viewing, disclosure, copying or  
> distribution of this e-mail is prohibited and may be unlawful. If you  
> have received this e-mail in error, please do not read it, reply to the  
> sender immediately to >inform us that you are not the intended  
> recipient, and delete the e-mail from your computer system. Thank you.