1. Explain why PCI Compliance is so important?
2. What are the implications for companies that are are not PCI compliant? What can potentially happen to if companies are not compliant?
3. The Payment Card Industry Data Security Standard (PCI DSS) is not a law, but merely a standard. What information systems security controls and countermeasures should be in place to achieve this standard. Please give examples to support your answer.
4. Suppose you were a consultant to a major corporation. What PCI-DSS compliant mitigation remedies would you recommend to your client?