Control Compliance Suite

 View Only

  • 1.  PCI DSS regulation and CCS 11.0

    Posted Aug 03, 2013 02:45 PM

    Hello everyone,

     

    I got a little bit confused after doing a fresh CCS 11 installation. I know CCS 11 supports PCI regulation and I can find it's content under Manage -> Content -> Controls Studio -> Mandates. When I check the predefined standards i cannot find anything related to PCI; I expected to find PCI standards ready to use. Therefore could anyone who is familiar with this topic answer my questions:

    - do I need an additional license to install the PCI standards?

    - can I run a PCI standard to check compliance with PCI regulation or do I need to map the checks to control statements in Controls Studio manually?

    - please suggest any documentation which can be helpful here,

    Thanks!



  • 2.  RE: PCI DSS regulation and CCS 11.0
    Best Answer

    Posted Aug 08, 2013 05:56 PM

    - you need no license, there simply isn't a technical standard for PCI any longer

    - you would need to develop a standard, and map controls manually via controls studio (or copy checks from predefined and clone mappings... usually, mix n match)

    - I haven't had a need to build it yet, so sorry... no doc recommendations.



  • 3.  RE: PCI DSS regulation and CCS 11.0

    Posted Aug 09, 2013 06:13 AM

    Matt, many thanks for your reply. I already started mapping checks to control statements in Controls Studio. Once that's done, I am going to use the pre-defined PCI dashboard in CCS Webconsole or create my own to get an overview.

    Regards,

    Dan