PCI compliance

Get Started. It's Free
or sign up with your email address
Rocket clouds
PCI compliance by Mind Map: PCI compliance

1. understanding the development lifecycle

1.1. What's our dev process?

1.1.1. Start with requirements

1.1.2. code to unit tests

1.1.3. check-in

1.1.4. security review

1.1.4.1. may require a mitigation

1.1.5. integration testing

1.1.6. QA

2. purpose of PCI

3. golden rules

3.1. PAN, expiry date and user name are *always* encrypted

3.2. cvv code is *never* written to persistent media

4. big picture

4.1. We have a policy doc

4.2. We have a process which implements the policy doc

5. If all else fails

5.1. "I always ask Paul about that"