PCI-DSS and requirement of Risk Assessment have a very close relationship. In effect PCI-DSS has specified the requirement for an annual risk assessment as per the control 12.2 and has mentioned the requirement under guidance for requirement 10.6.2 and Testing Procedures for requirement 11.5. PCI-DSS requirement 12.2 establishes the requirement for implementing a risk assessment …
PCI-DSS compliance can be achieved with effective and efficient mapping of control requirements with either the ISO 27001 or the COBIT framework as already established and accepted across the world and industry segments. But whatever framework we follow for PCI-DSS Compliance, following steps must be followed in order to ensure that the compliance is being …