Retail

Protecting access to personal financial data and credit card account information is a fundamental obligation for retailers. Because of the far-flung operations of most retail firms, the security and risk management challenges are significant.

From a compliance standpoint, retailers are heavily impacted by the Payment Card Industry Data Security Standard (PCI DSS). This standard was developed jointly by MasterCard and VISA, and it incorporates the security standards previously published separately by each organization. The PCI DSS program describes 12 high-level requirements, supported by approximately 212 specific requirements. The goal of the PCI DSS, and of the MasterCard SDP and VISA CISP programs, is to preserve the integrity of the payment card industry by ensuring that consistent and rigorous security mechanisms are put in place throughout the system. PCI DSS compliance is required for merchants of all sizes. VISA applies varying levels of validation to PCI DSS adherence based upon the size of the merchant (measured in annual transactions). The largest merchants must complete an annual self-assessment questionnaire, have an annual on-site PCI data security assessment performed, and complete a quarterly network scan.

While not a government compliance standard, PCI DSS is having a significant impact throughout the retail industry. The consequences of failing to adhere to PCI DSS are considerable, and can include losing the ability to accept credit cards for payment. In addition to PCI DSS, retailers can be impacted by SOX and GLBA, depending on whether they are public or private, and on whether they issue private-branded credit cards to their customers.

Retailers are seeking solutions that enable them to comply more easily with the provisions of PCI DSS on a continual basis, and to leverage their PCI compliance efforts toward their other regulatory mandates.

For retailers, the ControlPath Compliance Suite enables a single, continuous compliance process that ensures compliance with PCI DSS, and with other compliance regulations. Given the distributed nature of retail operations, the self-assessment process provided by ControlPath can facilitate compliance in a cost-effective manner. ControlPath increases the effectiveness and timeliness of PCI compliance efforts, and significantly decreases the cost of compliance for retailers.

ControlPath Resources

Payment Card Industry Security Standards Council

PCI DSS Standard

VISA, Mastercard, Discover Cardholder Security Programs

PCI Wiki

Enterprise Management Associates: Second Generation Compliance Management Tools Deliver Automation

PCI DSS Resource BLOG


Copyright ControlPath, Inc. 2006-08