The alarming increase in the theft of payment card data motivated major credit card brands to develop the Payment Card Industry Data Security Standard (PCI DSS) to increase the protection of payment card data. However, many organizations see PCI DSS as one of the most challenging compliance standards.
PricewaterhouseCoopers has developed a five-phase approach that enables PCI compliance through the identification and remediation of risk associated with payment card data. The approach uses the PCI DSS as a baseline controls framework supplemented by appropriate risk management practices to help organizations reduce the risk and expenses associated with compliance.
The PwC publication Focus on Risk, and Compliance Will Follow: Overcoming the challenges of Payment Card Industry requirement shares the firm's integrated approach to create a more secure, efficient and compliant organization. The method aims to help merchants reduce the payment environment size; the risks associated with potential cardholder data loss, and the cost of achieving and maintaining compliance.