Cobit and PCI 1566
KASAL last edited by
I am looking for a matrix that makes the link between the Cobit controls and the controls related to PCI (Payment Card Industry). Where can I find it?
harrywaldron last edited by
There are a lot of products and vendor solutions I noted in a Google search and didn’t see a lot in the way of free items. Some of our members may offer better links.
Below are partial URLs that you can add a www to and paste into your browser, as direct hyperlinking is discouraged in the forums.
google.com/search?hl=en-and-q=Cobit Payment Card Industry
BMC - 10 Page PDF - charts COBIT steps
Optimal Security Blog – Good PCI related entries
Don’t prefix this url with www
milan last edited by
Interesting question…however, SOX under a CobiT Framework and PCI using the PCI Standards are two separate compliance requirements each with different covered entities.
For example, PCI may apply to a private company if it meets specified credit card processing or credit card information criteria. SOx does not apply to private companies.
If the objective is to identify potential overlap for the purpose of reducing testing, you might find some common linkage between PCI and SOx in the area of IT Data Security and Backup and Recovery. However, I do not think that Change Management or IT Governance is addressed in the PCI Standards.
To my knowledge, PCI has its roots in HIPAA and has much in common with HIPAA compliance requirements.
If you search on the term ‘PCI’ on this Forum, you will find additional discussion about PCI and the linkage between PCI and HIPAA.
Hope this further helps,