PCI Risk Assessment
1. Risk Assessment for PCI Compliance
[Mandatory as per Requirement 12.1.2]
Sign up for FREE www.smart-ra.com
2. • PCI 2.0 requires a formal and structured
risk assessment methodology.
• Meet the requirement with SMART
3. Requirement 12.1.2 emphasizes the need for a structured
and formal risk assessment methodology.
• “Requirement 12.1 Establish, publish, maintain, and
disseminate a security policy that accomplishes the
following:
• Requirement 12.1.2 Includes an annual process that
identifies threats, and vulnerabilities, and results in a
formal risk assessment.
(Examples of risk assessment methodologies include but
are not limited to OCTAVE, ISO 27005 and NIST SP 800-30.)”
4. • Scope Establishment
• Identify Assets
• Identify Threats
• Profiling: Add Controls
• Identify Vulnerabilities
5. •Search Assets
•Bulk Upload of Assets
•Use predefined Standard Assets
•Enter CIA values of Assets to generate Asset Value
•Simple view of Vulnerabilities
•Prioritize with Level of Vulnerability
•Search Asset and Threat Mapping
•Search and Find Threats
•Do Profiling by Location
•Vulnerabilities are also considered in defining Controls
•Integrate Action Management Module to implement Controls
6. •Assign Actions to Implement Controls or Manage Incidents
•Manage Incidents by applying relevant Controls
•Create Surveys to identify organizational vulnerabilities
•Represent findings with Survey Reports
•Create and Manage Policy and Procedure documents.
•Manage Document Review
•Monitor your Organizational Risk Health
•Measure Effectiveness of Controls
•Risk Assessment Report
•Asset Report
•Threat Report
•BLSS Report, etc
7. • Meet RA requirements of PCI 2.0.
• Use RA for preparation of PCI Compliance.
• Reduce risks in your organization and improve
security.
• Also help in meeting ISO 27001 and other Risk
Management Standards in one go…
• Save 80% of your time and cost on risk assessment.