For retailers today, this is as critical as turning on the lights. Consumer privacy and payment security must be a way of doing business. Penalties for non-compliance are already being assessed. However, the real financial and PR risks of security breaches far outweigh the penalties.
Compliance is DEFINITELY more than just the audit. W. Capra believes compliance is really a 5-step process:
- Internal self-assessment
- Initial remediation
- PCI Compliance audit preparation
- Compliance validation (i.e. audit)
- Remediation follow-up
It is an ongoing process, NOT a project.