Timeline for Does PCI compliance really reduce risk and improve security?
Current License: CC BY-SA 2.5
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 22, 2010 at 13:41 | comment | added | AviD♦ | To elaborate that last point - PCI compliance removes from the organization the ability to apply any risk management or contextual analysis - you have to comply with THIS, and thats it, no choice about it. | |
| Nov 22, 2010 at 13:40 | comment | added | AviD♦ | but that's part of the problem - all that matter is that you are "compliant". There is no PCI benefit to doing anything beyond that. Of course I agree in principle with your comments on goal and risk, but that's not required by PCI - or even encouraged. | |
| Nov 21, 2010 at 17:07 | history | answered | ken5m1th | CC BY-SA 2.5 |