The Retailer's Guide to Becoming and Remaining PCI Compliant

Any compliance or security program is only as strong as the people running it. A mechanism needs to be put in place that guarantees the distribution and consumption of the security policy. Compliance managers and auditors will need to get a real-time status report on the acceptance of the policy and awareness training. A system that employs a trust policy focusing on the critical business processes of the retail business will be able to enforce the consumption of the security policy and then track compliance to the policy.