What is the scope of an assessment?
All systems that store, process or transmit Primary Account Numbers (credit card numbers), and all systems that are within the same logical network as these, must be in compliance with the PCI Data Security Standard. Reducing the number of systems that are involved in transaction processing or have the possibility of accessing related data, implementing network segmentation e.g., by means of firewalls, and other measures can be employed to effectively reduce the effort for compliance assessments.
Related Questions
- Are only gas production facilities in Cook Inlet included in the scope of the risk assessment, or is the Liquefied Natural Gas (LNG) facility also in scope of the risk assessment?
- The beauty of formative assessment is that it creates a scope for the learner toimprove- that is basically the point of change?
- Is abandoned infrastructure included in the scope of the assessment?
