Reference no: EM133698279
Homework
Apply auditing processes within a technical scenario.
Purpose
This homework helps you learn how to prepare for a specific audit, in this case the PCI-DSS audit. You will use the PCI-DSS Self-Assessment Questionnaire D for Merchants (Version 4.0, available in your readings) to become familiar with the various sections that the audit will cover and with the preparation that must occur to ensure compliance within each section.
Instructions
Use the link to the PCI-DSS self-assessment questionnaire (SAQ-D) for Vendors (V. 4.0) provided in this week's readings, and use this information to complete the homework.
Consider the PCI-DSS self-assessment questionnaire D for Merchants (V. 4.0), with which a typical retail merchant would have to show compliance in order to continue doing business with credit cards.
Review the questions associated with four different requirements of the twelve covered by the assessment questions (specifically sections 3, 8, 9, and one other section of your choice).
For each section explain:
1) The purpose of that section, why it is important, and what these questions seek to achieve.
2) Pick any three questions in that section and explain:
a) What the question means.
b) What evidence would be needed to show compliance.
c) Whether it would be easy or difficult to achieve compliance, and why.
3) Do not pick three questions that are all easy.
4) Summarize your impressions of the questions for this section and discuss how a merchant would establish or maintain compliance.