ISO 27001 VS. PCI DSS. What Is ISO 27001 - by Lakshika Sammani Chandradeva - Medium
https://medium.com/@csammani1994/iso-27001-vs-pci-dss-4cb6d0eb717a
15/8/2020 ISO 27001 VS. PCI DSS. What is ISO 27001? | by Lakshika Sammani chandradeva | Medium
The Payment Card Industry Data Security Standard (PCI DSS) is an information security
standard that was implemented to reduce card-related fraud by protecting cardholder
data. This Data Security Standard (DSS) is developed and maintained by the Payment
Card Industry Security Standards Council (PCI SSC). The PCI SSC was created
jointly by four major credit-card companies: Visa, MasterCard, Discover, and
American Express. PCI DSS has six main goals that must be achieved in order to
obtain the PCI DSS compliance certification. Within those six goals there are 12
requirements that must be fulfilled in order to gain the certification. The
latest version of this standard is PCI DSS v3.2.1.
PCI DSS has four levels, and each organization falls into one of those
categories.
Below are the six goals and 12 requirements that must be fulfilled in order to
obtain PCI DSS certification:
Isaca.org. (2020). Comparison of PCI DSS and ISO/IEC 27001 Standards. [online] Available at:
https://www.isaca.org/resources/isaca-journal/issues/2016/volume-1/comparison-of-pci-dss-and-isoiec-27001-standards
[Accessed 2 Feb. 2020].
ISO 27001 can be the beginning point for PCI DSS implementation in an organization.