Successful PCI Programs at Large Organizations

Listen to learn about the process of large-scale PCI DSS compliance from both a QSA and a client perspective.

SecurityMetrics Podcast | 17

When your organization has 300 Merchant IDs (MIDs) in a multi-modality environment, leading a PCI DSS compliance program is no easy task.

Robbyn Lennon, Senior Merchant Services Program Coordinator at the University of Arizona, sits down with Host and Principal Security Analyst Jen Stone (MCIS, CISSP, CISA, QSA) and SecurityMetrics Principal Analyst Michael Simpson to talk about large-scale PCI DSS compliance from both a QSA and a client perspective.

Robbyn explains in detail how she established a PCI DSS compliance program at the University of Arizona. With over 10 years of experience, she shares her three-part strategy: “Engagement, leadership, and encouragement.”

  • How to reduce scope in a large PCI DSS compliance program by organizing merchants into “pods.”
  • Why a focus on leadership as opposed to management helps employees take accountability for their job processes.
  • The tools, training, and documentation you need to empower merchants and improve your PCI program.

Resources:

Robbyn on LinkedIn

Download our Guide to PCI Compliance! - https://www.securitymetrics.com/lp/pci/pci-guide

Download our Guide to HIPAA Compliance! - https://www.securitymetrics.com/lp/hipaa/hipaa-guide

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episode, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.