Truth to Power Releases "PCI: Requirements to Actions" -- No-Hype, No-Bias Guidance for Better Compliance and Card-Data Security
Free research resource offers practical, experience-based advice for improving the efficiency and effectiveness of PCI compliance and information security programs.
Seattle, WA, May 19, 2009 --(PR.com)-- Truth to Power (T2P) today announced the release of new guidance for PCI compliance with the Payment Card Industry Data Security Standard (PCI DSS). The paper "PCI: Requirements to Action" addresses common questions and challenges associated with the protection of sensitive cardholder data, offering practical, experience-based pointers for more efficient, effective compliance.
"The question is not whether PCI can represent effective security: it can. However, it must be supported by both a programmatic framework and a solid technical backbone," says Cass Brewer, founder of the Truth to Power research community. "By providing free and practical guidance for both top-down and bottom-up support for PCI, T2P seeks with this paper to help companies make the most of PCI compliance while avoiding its cost and process pitfalls."
"PCI: Requirements to Action," supports integration of PCI data protection criteria into strategic risk- and security-management programs. The paper provides:
* An informed analytical perspective on PCI control requirements
* Concrete advice on how to use PCI to build and advance the overall organizational security program
* Key recommended resources for information security strategy and execution
* A translation of PCI assessment requirements into implementation actions
"PCI: Requirements to Action - Practical guidance for more efficient, effective compliance" is available online at http://www.t2pa.com/pci-research.
Knowledge by and for the Information Governance Community
"PCI: Requirements to Action" is authored by Benjamin Tomhave, MS, CISSP, and reflects T2P's goal to facilitate the cross-pollination of experience-based knowledge within the information governance community.
"Benjamin Tomhave exemplifies the ability of knowledgeable professionals to advance the information security field as a whole," Brewer said. "His willingness to share his own practice-based insight and engage with other information security professionals means that everyone can learn from his experiences. It's a unique and valuable resource, and it's a model we hope many others will follow."
Tomhave also supports the information governance community as a T2P Expert Core Guide. His advice and commentary fuel T2P's Practical Security Core, available online at http://www.t2pa.com/cores/security-and-privacy/practical-security.
Truth is Power: Open Research and Resources
"PCI: Requirements to Action" embodies Truth to Power's mission to build a common platform of practical knowledge, research, tools, and advice for business governance, risk management, and compliance. By approaching practices such as compliance, data governance, e-discovery, project management, and performance management in terms of process and information governance, T2P helps organizational leaders find the commonalities and optimization opportunities that span conventional business practices and operational roles.
T2P seeks to free managers, auditors, and other information governance professionals from knowledge boundaries and conceptual limitations that obscure risk opportunities and impede business performance. Research releases such as "PCI: Requirements to Action" support this goal as part of a rapidly growing research base that includes:
-- T2P Rules & Standards Hub: a free knowledgebase of more than 100 regulations, frameworks, and other guidance for information security, records management, IT auditing, IT investment management, and more
-- IT Policy Templates Wiki: an open, collaborative repository of dozens of customizable policies for information security, data management, change management, and more.
-- Good Free Tools: A knowledbase of free, authoritative, and interactive resources that support GRC goals
-- Filtered News Feeds: Daily categorized news updates, painstakingly vetted and filtered from hundreds of news sources for relevance and utility
All T2P resources are free, many are collaborative, and each is vetted against hype and bias. More information to T2P's spin and bias controls is available at http://www.t2pa.com/spin-and-bias-controls.
###
About Truth to Power, LLC
Founded on the principles of knowledge, utility, credibility, and community, Truth to Power, LLC provides critical information resources for humans and machines. T2P's guiding principles are: 1) To provide genuinely useful, unbiased business research and resources that help businesses reduce operational costs and uncover capital opportunities; 2) To reveal alignment between siloed business disciplines, organizations, frameworks, and practices; and 3) to enable and encourage community members to share practical experience and expertise towards a common good. Membership and resources are free. Be a part of Truth to Power at http://www.t2pa.com/.
Media Contact:
T2P Media Relations
media@t2pa.com
1-(206)-407-3022
"The question is not whether PCI can represent effective security: it can. However, it must be supported by both a programmatic framework and a solid technical backbone," says Cass Brewer, founder of the Truth to Power research community. "By providing free and practical guidance for both top-down and bottom-up support for PCI, T2P seeks with this paper to help companies make the most of PCI compliance while avoiding its cost and process pitfalls."
"PCI: Requirements to Action," supports integration of PCI data protection criteria into strategic risk- and security-management programs. The paper provides:
* An informed analytical perspective on PCI control requirements
* Concrete advice on how to use PCI to build and advance the overall organizational security program
* Key recommended resources for information security strategy and execution
* A translation of PCI assessment requirements into implementation actions
"PCI: Requirements to Action - Practical guidance for more efficient, effective compliance" is available online at http://www.t2pa.com/pci-research.
Knowledge by and for the Information Governance Community
"PCI: Requirements to Action" is authored by Benjamin Tomhave, MS, CISSP, and reflects T2P's goal to facilitate the cross-pollination of experience-based knowledge within the information governance community.
"Benjamin Tomhave exemplifies the ability of knowledgeable professionals to advance the information security field as a whole," Brewer said. "His willingness to share his own practice-based insight and engage with other information security professionals means that everyone can learn from his experiences. It's a unique and valuable resource, and it's a model we hope many others will follow."
Tomhave also supports the information governance community as a T2P Expert Core Guide. His advice and commentary fuel T2P's Practical Security Core, available online at http://www.t2pa.com/cores/security-and-privacy/practical-security.
Truth is Power: Open Research and Resources
"PCI: Requirements to Action" embodies Truth to Power's mission to build a common platform of practical knowledge, research, tools, and advice for business governance, risk management, and compliance. By approaching practices such as compliance, data governance, e-discovery, project management, and performance management in terms of process and information governance, T2P helps organizational leaders find the commonalities and optimization opportunities that span conventional business practices and operational roles.
T2P seeks to free managers, auditors, and other information governance professionals from knowledge boundaries and conceptual limitations that obscure risk opportunities and impede business performance. Research releases such as "PCI: Requirements to Action" support this goal as part of a rapidly growing research base that includes:
-- T2P Rules & Standards Hub: a free knowledgebase of more than 100 regulations, frameworks, and other guidance for information security, records management, IT auditing, IT investment management, and more
-- IT Policy Templates Wiki: an open, collaborative repository of dozens of customizable policies for information security, data management, change management, and more.
-- Good Free Tools: A knowledbase of free, authoritative, and interactive resources that support GRC goals
-- Filtered News Feeds: Daily categorized news updates, painstakingly vetted and filtered from hundreds of news sources for relevance and utility
All T2P resources are free, many are collaborative, and each is vetted against hype and bias. More information to T2P's spin and bias controls is available at http://www.t2pa.com/spin-and-bias-controls.
###
About Truth to Power, LLC
Founded on the principles of knowledge, utility, credibility, and community, Truth to Power, LLC provides critical information resources for humans and machines. T2P's guiding principles are: 1) To provide genuinely useful, unbiased business research and resources that help businesses reduce operational costs and uncover capital opportunities; 2) To reveal alignment between siloed business disciplines, organizations, frameworks, and practices; and 3) to enable and encourage community members to share practical experience and expertise towards a common good. Membership and resources are free. Be a part of Truth to Power at http://www.t2pa.com/.
Media Contact:
T2P Media Relations
media@t2pa.com
1-(206)-407-3022
Contact
Truth to Power, LLC
Cass Brewer
1-(206)-407-3022
www.t2pa.com
Cass Brewer
1-(206)-407-3022
www.t2pa.com
Contact
Categories