The PCI DSS version 1.1 is a set of comprehensive requirements for enhancing payment account data security. Developed by the founding payment brands of the PCI Security Standards Council, the PCI has been designed to help facilitate the broad adoption of consistent data security measures on a global basis. Being multifaceted, the security standard includes requirements for security management, policies, procedures, network architecture, and software design and is intended to help organizations proactively protect customer account data.
As with many compliance projects, the most obvious benefit is that of avoiding the penalties of failing to comply. Penalties for non compliance to the PCI standard vary by credit card brand and contract, but generally include high fines of up to $500,000 per instance of non compliance, and, in extreme cases, denial of credit card processing capabilities.
The Casewise PCI-DSS process model is aimed at assisting organizations achieve compliance status to the standard whilst helping organizations to systematically and proactively protect themselves from the liabilities and potential costs of credit card data misuse, customer identity theft, and cybercrime. The model also offers organizations the ability to make informed, practical decisions about security technologies and solutions and thus increase the return on information security investments.