The PCI DSS must be met by all organizations (merchants and service providers) that transmit, process or store payment card data. The PCI DSS is not a law; it is a contractual obligation, applied and enforced directly by the payment providers themselves by means of fines or other restrictions.
HSBC bank has been writing to its business customers, urging them to comply with the PCI DSS before 1st October this year. It has put the average cost of a data breach at £100,000.00 ($166,330.00) and says it will not be able to defend such fines, so if you're not compliant with PCI DSS requirements, the fines will be passed on to you!
This PCI DSS v1.2 compliance toolkit is specifically designed to help payment card-accepting organizations quickly create all the documentation required to affirmatively answer the requirements of the PCI DSS as set out in the Self Assessment Questionnaire (v1.2).
The PCI DSS v1.2 Documentation Compliance Toolkit contains a full set of documentation templates for all the mandatory PCI DSS policies, as well as implementation guidance and ISO27001 cross-mapping.
These templates are developed out of those contained in our best-selling ISO27001 ISMS Documentation Toolkit and, therefore, are capable of being integrated into an ISO27001 ISMS.
For convenience, it also contains copies of the various PCI DSS documents (other than the PCI DSS itself), although no charge is made for these documents, all of which are also freely available on the Internet and through our website.
In addition, this PCI DSS Documentation Template Toolkit is accompanied by PCI DSS: A Practical Guide to Implementation (Soft Cover). This book gives pragmatic guidance on PCI compliance and works with this toolkit to provide you with step-by-step guidance in your quest to gain PCI DSS compliance.
If you want to simplify the business of PCI DSS compliance, this toolkit is for you.