Educause Security Discussion mailing list archives
Re: PCI Responsability
From: Rob Milman <rob.milman () SAIT CA>
Date: Fri, 6 Apr 2018 19:50:18 +0000
Hi Ron, Finance is accountable for PCI compliance, however it is joint effort between IT and Finance. Primary reason is because Finance owns the relationship with our payment provider and is ultimately responsible for any and all payment handling policies and processes. IT has contracted a third party QSA to oversee the compliance project. Thanks, Rob Milman [cid:image004.png@01D18F19.9217E950] Rob Milman Associate Director, Information Security Information Systems Southern Alberta Institute of Technology EH Crandell Building, GA 214 1301 – 16 Avenue NW, Calgary AB, T2M 0L4 (Office) 403.774.5401 (Cell) 403.606.3173 rob.milman () sait ca<mailto:rob.milman () sait ca> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ronald King Sent: Friday, April 6, 2018 9:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] PCI Responsability Good morning colleagues, I wanted to reach out to you to ask what division or department in your institution is ultimately accountable for PCI compliance. Is it your IT, Finance or another department/division? Why? Do you have a dedicated employee, contractor or team overseeing compliance to PCI? As always, feel free to reach me directly. Thank you and have a great weekend! Ron Ronald A. King, CISSP Chief Information Security Officer Morgan State University Office: (443) 885-3372 1700 E. Cold Spring Ln. Email: ronald.king () morgan edu<mailto:ronald.king () morgan edu> Baltimore, MD 21251 URL: http://www.morgan.edu Growing the future ... Leading the world<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>
Current thread:
- Re: PCI Responsability, (continued)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Nevin, Dave (Apr 06)
- Re: PCI Responsability Jason Edelstein (Apr 06)
- Re: PCI Responsability Ben Marsden (Apr 06)
- Re: PCI Responsability Josh Callahan (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
- Re: PCI Responsability Lazarus, Carolann (Apr 06)
- Security Onion - IDS build Sunil Singh (Apr 07)
- Re: PCI Responsability Dennis Bolton (Apr 09)
- Re: PCI Responsability Ronald King (Apr 13)
- Re: PCI Responsability Ronald King (Apr 06)