
Aug 05

PCI DSS vs ISO 27001


PCI DSS and ISO 27001 are both security standards, but it is important to understand the differences between them and how each applies to your organization.

ISO 27001 is an internationally recognized standard that lays down the requirements for establishing an information security management system (ISMS). It applies to any type of organization, and implementation and certification are optional, so it is not mandatory for a company.

PCI DSS is a data security standard for the payment card industry, and it applies only to companies that process, store, or transmit credit card data. For these companies, compliance with the standard is obligatory, although the specific requirements and obligations depend on the volume of card transactions processed.

High-level overview: [image in the original post: PCI DSS vs ISO 27001 comparison chart]
