troubleshooting Question

PCI levels of assessment

Avatar of Pau Lo
Pau Lo asked on
NetworkingSecurityMiscellaneous
5 Comments2 Solutions559 ViewsLast Modified:
What level of PCI compliance or self assessments are required for companies who don’t store any PCI data in their network, but they do take card details over the phone, and enter them into a web application hosted by a 3rd party. I know there are different rules for PCI compliance and auditing based on a few factors i.e. transactions and whether data is stored internally or not.

They also access this 3rd party web app from within their private network, just as they would access www.google.com from a PC within their private network. Are their any procedural PCI compliance i.e. non IT technical that such a company would need policies around? Id rather comments as opposed to a link to the PCI website.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 5 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros