Educause Security Discussion mailing list archives

Re: PCI Responsability

From: Charles Curtis <ccurtis () AUSTINCOLLEGE EDU>
Date: Fri, 6 Apr 2018 15:42:35 +0000

Under delegation from our business affairs Vice President (who is also responsible for risk management), IT is 
responsible for assessing overall PCI requirements, determining what hardware and software enables compliant 
transactions with credit cards, and making sure the departments involved with credit card data and transactions 
understand their responsibilities relative to PCI compliance.   Each of those departments is responsible for the 
recurring training, documentation of procedures, and execution of those procedures that assures PCI compliance.

Charles

Charles Curtis
Executive Director of Information Technology
Austin College
900 North Grand Avenue
Sherman, TX 75090-4400
Phone: 903.813.2088
www.austincollege.edu<http://www.austincollege.edu/>

[http://www.austincollege.edu/images/AusColl_Logo_Email.gif]



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ronald 
King
Sent: Friday, April 6, 2018 10:18 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] PCI Responsability

Good morning colleagues,

I wanted to reach out to you to ask what division or department in your institution is ultimately accountable for PCI 
compliance. Is it your IT, Finance or another department/division? Why?

Do you have a dedicated employee, contractor or team overseeing compliance to PCI?

As always, feel free to reach me directly.

Thank you and have a great weekend!
Ron
Ronald A. King, CISSP
Chief Information Security Officer
Morgan State University                                                                                           
Office: (443) 885-3372
1700 E. Cold Spring Ln.                                                                                           
Email:  ronald.king () morgan edu<mailto:ronald.king () morgan edu>
Baltimore, MD 21251                                                                                 URL:    
http://www.morgan.edu

                                                Growing the future ... Leading the 
world<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>

Current thread:

PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
  - Re: PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
  - Re: PCI Responsability Sunil Singh (Apr 06)
    - Re: PCI Responsability Nevin, Dave (Apr 06)
    - Re: PCI Responsability Jason Edelstein (Apr 06)
    - Re: PCI Responsability Ben Marsden (Apr 06)
    - Re: PCI Responsability Josh Callahan (Apr 06)
- Re: PCI Responsability Ken Connelly (Apr 06)
  - Re: PCI Responsability Lazarus, Carolann (Apr 06)
    - Security Onion - IDS build Sunil Singh (Apr 07)

(Thread continues...)