Expert Advice Community


ISO 27001 and PCI-DSS

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

I have a question about ISO 27001 vs. PCI-DSS and found no information. Maybe you can tell me something about it. If a company did the ISO 27001 and handles e-commerce card information, is it necessary to implement the whole PCI-DSS? I mean, they are very similar, and so would that be doing things twice?!

DejanK Jan 12, 2016

I'm not an expert in PCI-DSS, but from what I know, e-commerce merchants of a certain size and payment card processors must implement PCI-DSS because this is what Visa and MasterCard require; therefore, it is mandatory in such cases. If you have already implemented ISO 27001 and are now starting to implement PCI-DSS, this doesn't mean you would have to do the same things twice: if the requirements of these two standards are the same, then you just use the controls you implemented for ISO 27001 for PCI-DSS as well.
