Today the Payment Card Industry Security Standards Council announced a forum that will allow for feedback and debate (in a collaborative manner) between the council members and those that handle the audits. While this is meant for those that conduct the audits – this is a prime opportunity for merchants and processors to place questions, challenges, and suggestions to their auditors. So, work up those questions and get them to your auditor (and of course make sure they are going to the conference)!
“The PCI Security Standards Council (PCI SSC), an independent industry standards body providing management of the Payment Card Industry Data Security Standard (DSS) on a global basis, today announced that it has implemented formal channels for stakeholders to contribute to the organization and development of data security standards.
As part of its commitment to collaboration, the council announced it will be holding a community meeting in Toronto, Canada on September 17-19th. The three day meeting will give participating organizations and PCI SSC approved Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs) the chance to interface with Council executives and committee members and to hear perspectives from representatives from across the payment chain on their direct experience in the field.”