PaulDotCom mailing list archives
Question about PCI audit results and reality....
From: mike.patterson at unb.ca (Mike Patterson)
Date: Wed, 12 Aug 2009 16:21:14 -0400
Joel Folkerts wrote on 8/12/09 3:04 PM:
I would explain to management that PCI is simply a least common denominator and should not be treated as the end-all, be-all to information security. PCI merely attempts to address a minimum set of criteria that will mitigate a large portion of the threats that your organization is facing. That being said, it's unrealistic that any accreditation be able to address every threat.
You run the risk of having a conversation like the waitress and her manager in Office Space at this point: if the minimum is 5 pieces of flair, and I have 5, but you want me to be more like Brian, I should wear more, yeah? No, I'm just saying that if you're happy with the minimum... at that point, management says "yes, we are, thank you for your opinion but we're happy with 5 pieces of flair, now go do your job." Mike
Current thread:
- Question about PCI audit results and reality.... Jason Wood (Aug 12)
- Question about PCI audit results and reality.... Vincent Lape (Aug 12)
- Question about PCI audit results and reality.... Jason Wood (Aug 12)
- Question about PCI audit results and reality.... Chris Merkel (Aug 12)
- Question about PCI audit results and reality.... Jason Wood (Aug 12)
- Question about PCI audit results and reality.... Paul Asadoorian (Aug 12)
- Question about PCI audit results and reality.... Shawn Bernard (Aug 12)
- Question about PCI audit results and reality.... Joel Folkerts (Aug 12)
- Question about PCI audit results and reality.... Mike Patterson (Aug 12)
- Question about PCI audit results and reality.... Jack Daniel (Aug 12)
- Question about PCI audit results and reality.... Ron Gula (Aug 13)
- Question about PCI audit results and reality.... Robert Portvliet (Aug 13)
- Question about PCI audit results and reality.... Jason Wood (Aug 13)
- Question about PCI audit results and reality.... Nathan Sweaney (Aug 14)
- Question about PCI audit results and reality.... Robert Miller (Aug 20)
- Question about PCI audit results and reality.... Edward Frye (Aug 21)
- Question about PCI audit results and reality.... Ron Gula (Aug 13)
- Question about PCI audit results and reality.... Vincent Lape (Aug 12)