How can Internal Audit support compliance?
As part of our series of articles for the Institute of Internal Auditors Magazine, David Bettesworth, one of the partners leading our IT Internal Audit service line, looks at compliance within the Payment Card Industry Data Security Standard (PCI DSS).
The Payment Card Industry Data Security Standard (PCI DSS) sets out requirements mandated by several of the world’s leading payment card brands that are designed to help retailers protect cardholder information. Compliance with PCI DSS is mandatory for all organisations storing, processing or even handling credit or debit card information. For most, the Internal Audit department can provide significant support to the business to ensure compliance is achieved and maintained efficiently and effectively. However, Internal Audit must understand its role in a PCI DSS compliance programme and how to ensure its skills are leveraged effectively.
PCI DSS (PDF, 73 KB)