Which teams within a typical merchant organization are typically responsible for PCI compliance?
Ultimately, the correct answer should be: everyone. The PCI DSS covers a wide range of technical and non-technical processes, so there is a little something for every department. For example, the IT department might own the requirement to “Build and maintain a secure network,” but the Operations department might be the one to “Restrict physical access to cardholder data.” However, that doesn’t mean that you have to deploy a specific technology solution for each department. Omega ATC’s multipurpose solutions can be used by many departments to handle a number of PCI compliance, security, and systems management functions.
