From the course: Getting Started with PCI 4.0 Compliance
Join today to access over 24,800 courses taught by industry experts.
PCI scoping explained
From the course: Getting Started with PCI 4.0 Compliance
PCI scoping explained
- [Instructor] One of the most complicated parts of working with PCI compliance is figuring out which part of your environment is in-scope for PCI and which is out-of-scope. This is very important, as meeting PCI controls for out-of-scope areas can be expensive and unnecessary. Though having good security controls in place for your entire environment can protect other parts of your business. Broadly put, the in-scope environment for PCI includes the cardholder data environment or CDE, which is made up of system components, people or processes, that either transmit, process, or store cardholder data or sensitive authentication data. The scope also includes systems, people or processes, that could impact the security of the CDE. This could include things like authentication directories used to provide access into the CDE, or perhaps a data center, which physically stores the cardholder data. System components includes a big…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.