Payment Card Security & IT Controls Explained

About

A bit about the primary author of the site:

James DeLuccia IV has focused on risk management (insurance & business) and IT Security with an almost absolute focus on IT Controls (the merging of risk management and IT Security). I believe in transparency when it comes to meeting regulations and therefore have dedicated this simple site to communicating and clarifying what I can on the Payment Industry’s data security standard (lovingly known as PCI DSS). I will try to differentiate opinions from fact when possible. I am also in the process of developing a sister site to tackle the global crisis of international regulations and controls - a subject I have also addressed in a book that will be on the shelves in January of 2008.
My current projects focus on global regulation: Compliance-Control challenges faced by organizations and achieving operational / organization efficiency and compliance. Broadly this involves five continents, 31 nations, nearly 40 legal mandates, and an equal number of guidance articles. Specifically, I work with organizations to merge compliance concerns, such as PCI DSS v1.1, AS5, HIPAA, domestic state and international privacy/breach laws, and EU Safe Harbor requirements.

In addition, I have been fortunate to be a featured speaker at the most recent Association of Certified Fraud Examiners annual conference, the Institute of Internal Auditors Risk and Control Conference, ISACA, ISSA, and for the Payment Industry’s recent seminar series.

I have sat through and passed the VISA certification exam and am currently a QDSP, CIA, CISA, CISSP, and hold an MBA in Finance.

This site is an open discussion - please add your experiences so we may all grow together.

Best regards,

James DeLuccia IV

This work is licensed under a Creative Commons License.

1 response so far ↓

  • Jonathon Edgley // December 19, 2006 at 11:17 am

    James,

    I’m the online editor for http://www.complianceexecutive.com, a site being launched in January. It will focus on governance, risk, compliance, and data integrity. One section I’m looking to include is a ‘Blog Spot’. This isn’t for our own site, but instead it’s a showcase for other blogs discussing issues relating to Compliance Executive.

    Each week I was hoping to feature a different blog, including the most recent/pertinent comment, and a link to the blog, with a bit more info about the content, purpose, etc.

    I was therefore hoping to establish whether you would be happy for me to use your blog for this purpose.

    I appreciate you’ll want more info, but if you are interested please feel free to email me and I will do my best to answer any questions you may have.

    Thanks for your time and I look forward to hearing from you.

    Kind regards,
    Jon
