How ISOs & Acquirers Can Execute an Effective Merchant PCI Risk Strategy

October 28, 2011 • Published Categories Acquirer Programs, Archive

PCI risk profiling is not easy. To provide ISOs, processors and sponsor banks with assistance on PCI profiling, ControlScan and ThoughtKey have developed a series of Webinars dedicated to this topic.

Our most recent Webinar, How ISOs & Acquirers Can Execute an Effective Merchant PCI Risk Strategy, highlights numerous tips to help guide you through the complex maze of risk profiling, while providing value-added opportunities to your merchants. The concepts provided are simple; however, without a doubt, the effort to perform and manage these steps is quite complex unless the proper information is gathered at the appropriate points throughout the merchant lifecycle.

The Webinar identifies the main points in the merchant lifecycle that are critical to gathering information that will be used to properly profile and identify PCI risk. These points are referred to as the “Target”. The lifecycle begins with PCI education and ends when PCI risk is mitigated within the risk appetite. The Webinar teaches that PCI is not simply a “compliance” task. Rather, managing PCI risk needs to be part of the culture of the organization and managed holistically in order for it to be effective.

Most notably, there are many instances in the merchant lifecycle approach that can yield value-added opportunities for your merchants – if implemented correctly.

Ask yourself a few simple questions to see if this Webinar will assist you with your PCI compliance program:

  • Where does your PCI program begin and end?
  • Does your program truly mitigate risk for your organization, or are you simply in “coping-mode”?
  • Do you have the right information to perform a PCI risk program – EFFECTIVELY?

We encourage you to watch the Webinar for tips on how to build your merchant lifecycle and properly incorporate PCI risk profiling. This journey will aid you in enhancing the value-add provided to your customers while managing the PCI risk – a double benefit.

To view the Webinar replay and learn more about risk prioritization and the development of an effective PCI program, click here.

About Susan Matt
Susan Matt is the founder of ThoughtKey, Inc., a consulting firm focused on data security and corporate risk management in the payments industry. She has over 20 years in International audit, litigation review, regulatory risk management and extensive experience working with a variety of clients on payment data security. She is a sought-after payments industry speaker, blogger and legal expert.

Leave a Comment