Review the information related to PCI DSS compliance provided in the course textbook and in the Internet resources listed for this project. Consider how this information relates to the description of S&H Aquariums provided in the scenario above.  Write a report for S&

Purpose

This project provides an opportunity for you to apply principles related to auditing to ensure information systems are in compliance with pertinent laws and regulations, as well as industry requirements.
Required Source Information and Tools

 To complete the project, you will need the following:

  1. Course textbook
  2. Access to the Internet to perform research for the project
    1. PCI Security Standards Council: https://www.pcisecuritystandards.org
    2. Important PCI Compliance Information for Merchants: https://www.bigcommerce.com/blog/pci-compliance/#weve-successfully-achieved-pci-compliance-whats-next 
    3. COSO Internal Control—Integrated Framework Executive Summary: https://www.coso.org/_files/ugd/3059fc_1df7d5dd38074006bce8fdf621a942cf.pdf
    4. COSO Internal Control—Integrated Framework PowerPoint
    5. COSO Internal Control—Integrated Framework (2013) whitepaper: https://assets.kpmg/content/dam/kpmg/pdf/2016/05/2750-New-COSO-2013-Framework-WHITEPAPER-V4.pdf

Note: The 2013 version of the framework is also available for purchase, or you may be able to retrieve it through our library.

Learning Objectives and Outcomes

 You will be able to:

  • Explain the purpose of PCI DSS
  • Analyze business factors that influence PCI DSS compliance
  • Describe potential consequences of failing to demonstrate PCI DSS compliance
  • Apply standards and frameworks to the development of information security internal control systems
  • Analyze the use of information security controls within IT infrastructure domains

Introduction

Public and private sector companies are expected to comply with many laws and regulations as well as industry requirements to promote information security. Assessments and audits of the information technology (IT) environment help to ensure a company is in compliance. A successful information security professional must be able to assess a business’s needs, evaluate various standards and frameworks, and develop a customized, integrated internal control system that addresses the company’s compliance responsibilities. Furthermore, the professional must be able to communicate with various people—both inside and outside the organization—to facilitate awareness of how control activities mitigate weaknesses or potential losses that could compromise the company’s information security.

Scenario

S&H Aquariums is a new online retailer that is about to begin selling aquariums and other items for aquarium hobbyists. In recent months, many companies have been featured in the news because of information security breaches that have exposed customers’ credit card data. S&H Aquariums’ management team is worried about the negative impact a potential breach could have on the company’s reputation and business standing.

S&H Aquariums has hired you, an information systems security expert, to ensure that the company is prepared to accept credit card payments for purchases made through the company’s Web site. To kick off the planning phase, the board of directors would like you to write a report explaining what the company will need to do to minimize risks to sensitive data and comply with applicable laws and regulations, as well as industry standards. In preparation, you sit down with the company’s president and discuss the following details:

  • Per the company’s strategic plan, the company expects to have between 20,000 and 1,000,000 credit card transactions during the first year of operations. However, the board would like to know what differences to anticipate as the volume of credit card transactions grows in the coming years.
  • The company will initially accept payments made with MasterCard and Visa only, but it may decide to accept other credit cards in the future.
  • The board of directors is discussing the possibility of opening a bricks-and-mortar store in the future, and the board would like to consider any compliance-related issues prior to making that decision.
  • The board consists of professionals from a variety of fields. It is unlikely that any of the board members are familiar with complex information security concepts or with PCI DSS, the set of requirements that prescribes operational and technical controls to protect cardholder data.

Tasks

  1. Review the information related to PCI DSS compliance provided in the course textbook and in the Internet resources listed for this project. Consider how this information relates to the description of S&H Aquariums provided in the scenario above.
  2. Write a report for S&H Aquariums’ board of directors. Include the following:
    1. Introduction
    2. PCI DSS Overview
      1. Include a discussion of the six principlestwelve primary requirements, and the sub-requirements of PCI DSS.
    4. Rationale
      1. Explain why the company needs to address the PCI DSS requirements and describe potential consequences if the company is not able to demonstrate compliance.
    6. Immediate Considerations for PCI DSS Compliance
      1. Analyze factors (including those introduced in the scenario above) that will influence S&H Aquariums’ immediate plans for PCI DSS compliance. Discuss payment brands (credit card companies), transaction volumesmerchant levels (i.e., 1 through 4), and types of reporting required in relation to S&H Aquariums’ business projections.
    8. Future Considerations for PCI DSS Compliance
      1. Analyze contingencies that may influence PCI DSS compliance in the future. Address potential questions from the board, including but not limited to:
        1. What would be expected of the company if credit card volume increases past 1,000,000 transactions in future years?
        2. What should S&H Aquariums do to demonstrate PCI DSS compliance if it begins to accept American Express or Discover?
        3. How would opening a bricks-and-mortar store affect the company’s responsibilities for PCI DSS compliance?
    10. Conclusion

As a reminder, you may use the textbook for this course and the Internet to conduct research. You are encouraged to respond creatively, but you must cite credible sources to support your work.

Submission Requirements

  • Format: Microsoft Word
  • Font: Arial, 12-point, double-space
  • Citation Style: APA
  • Length: 2–3 pages

Self-Assessment Checklist

  • I have created a report that uses a professional tone and includes correct terminology.
  • In my report, I have described PCI DSS, provided a sound rationale for addressing PCI DSS compliance, and analyzed immediate and future considerations for PCI DSS compliance.
  • I have conducted adequate independent research for this part of the project
Essay Writing Service | Write My Essay Service by EssayLink
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Work with Us

Top Quality and Well-Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional and Experienced Academic Writers

We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.

Admissions

Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

Reviews

Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

See all services

Get Professional Essay Writing Service @25% OFF. We accept Cash App, Zelle, Apple Pay, Google Pay, and Stripe. Contact support for more info!

Place Your Order Now!
X
WeCreativez WhatsApp Support
Our customer support team is here to answer your questions. Ask us anything!
👋 Hi, how can I help?
Hi, how can I help?