PCI DSS - penalty of not being compliant Online publication date: Thu, 28-Aug-2014
by Umesh Hodeghatta Rao; Umesha Nayak; R. Gopalakrishnan
International Journal of Auditing Technology (IJAUDIT), Vol. 2, No. 1, 2014
Abstract: PCI security standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. To be PCI compliant, credit card merchants should respond to a series of requirements imposed by the credit card industry. The internal audit and information security team should work together to achieve the PCI compliance. The information security experts design and implement technologies to secure the resources. Continuous audit, both internal and external, provides feedback on the effectiveness of these technologies in protecting the information and provides suggestions for improvement. In this paper, we explain the importance of being PCI compliant, the consequences of not being PCI compliant through a real-life case study of an insurance company. We also describe the importance of internal auditing and why should internal audit be conducted periodically. The case also demonstrates the need for compliance and the issues around the payment card industry in terms of data security pertaining to cardholder data. The case further explains the cost associated in terms of non compliance and/or breach of cardholder data, penalty that has to be paid to the member banks.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Auditing Technology (IJAUDIT):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook