PCI Compliance: Difference between revisions
m (clean up, typos fixed: Wikipeda → Wikipedia) |
m (removed Category:Policies using HotCat) |
||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{IT Security Policy}} | |||
[[File:PCI | [[File:PCI_SAQ.pdf|200px|thumb|right| WMUK PCI Compliance Self-Assessment Questionnaire dated 20-09-2012]] | ||
[[File:PCI_Certificate.pdf|200px|thumb|right| WMUK PCI Compliance Certificate dated 20-09-2012]] | |||
Wikimedia UK is compliant with PCI DSS regulations. Wikimedia UK does not directly process financial information. | Wikimedia UK is compliant with PCI DSS regulations. Wikimedia UK does not directly process financial information. | ||
| Line 9: | Line 11: | ||
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. | The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. | ||
Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. (Taken from | Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. (Taken from Wikipeda - Payment Card Industry Data Security Standard) | ||
Read more here [http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard]. | Read more here [http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard]. | ||
[[Category:WMUK Security Standards]] | [[Category:WMUK Security Standards]] | ||
Latest revision as of 18:29, 17 February 2014
|
This policy was adopted by the Board on 9 February 2013. It is part of a series of IT Security Policy. |
Wikimedia UK is compliant with PCI DSS regulations. Wikimedia UK does not directly process financial information.
Wikimedia UK has completed a PCI Self-Assessment Questionnaire (SQA) demonstrating compliance.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.
Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. (Taken from Wikipeda - Payment Card Industry Data Security Standard)
Read more here [1].