Scoping Fun with PCI DSS 2.0 standard
OK, so as you can see from the comments, my post yesterday generated a bit of controversy. I must apologize for the 1.3.3 miss as I did my initial research after a long night of, um, networking at the PCI Community Meeting in Orlando. That post was put together with haste over the last three days, while trying to review and decipher some passionately scrawled chicken scratch. I went back and responded to the comments (no editing, it’s all there), and wanted to talk about another significant change I didn’t discuss yesterday. Page 10 of PCI DSS 2.0 adds quite a bit of text into the Scoping guidance that QSAs and assessees use to determine the correct scope for their ...
Continue Reading