CISS has newly integrated the PCI DSS V 3.2 standard into the CISS framework on the Nimonik platform. Performing and reporting PCI audit/testing is now easier than ever before, using the CISS PCI template.
You can shape your PCI audit according to your scope by selecting one or multiple PCI requirements or areas.
The CISS framework comprises the following templates:
- Information Security Template capturing 196 controls which are mapped to ISO 27001/ ISO 27002 standard enhanced by
- Governance controls
- Operational controls (ITIL, COBIT, GxP, SOX etc.)
- IT related company level controls (CLC)
- Information security controls
- ISO 27001:2013 Standard
- PCI DSS V 3.2 Standard, capturing 464 controls
Every control has a detailed description, an example for ‘testing evidences’, as well as which information has to be captured during testing. A quick on-boarding for individuals is therefore given.
Links to the CISS framework templates:
- ISO27001-2013 Audit Template July 2016 – V1.00
- Audit & Control Framework July 2016 – V1.00
- PCI Data Security Standard v3.2 August 2016 – V1.00