Re: Administration of PCD DSS Program

[Barron Hulver <Barron.Hulver () OBERLIN EDU>]

At Oberlin College the controller is the coordinator of our policy.
Here is an excerpt from our PCI policy:

Responsible Organization/Party: The Controller shall serve as the
Coordinator of the policy, which includes responsibility for notifying
applicable Department Heads and Data Managers about changes to the
policy. The Director of Networking, Operations and Systems and other
College Officers as needed will assist him.

The technical (security) controls are handled by me.  I meet with our
merchant account holders, review their setup, and submit the
self-assessment questionnaires.  We only have about ten merchant accounts.


Barron

Barron Hulver
Director of Networking, Operations, and Systems
Center for Information Technology
Oberlin College
148 West College Street
Oberlin, OH  44074
440-775-8702
Barron.J.Hulver () oberlin edu
http://www2.oberlin.edu/staff/bhulver/




On 3/12/13 6:11 PM, Carlos Lobato wrote:
> Hello Colleagues,
>
>  
>
> At your University, what department or function is responsible for the
> overall administration of the PCI DSS program i.e. administrator of
> policy(PCI requirement 12), etc.?
>
>  
>
> I would really appreciate your responses.
>
>  
>
> Carlos
>
>  
>
> *Carlos S. Lobato, CISA, CIA*
>
> *IT Compliance Officer*
>
> ** 
>
> *New Mexico State University*
>
> Information and Communication Technologies
>
> MSC 3AT PO Box 30001
>
> Las Cruces, NM  88003
>
>  
>
> Phone (575) 646-5902
>
> Fax (575) 646-5278