2024 A Practical Guide to the Payment Card Industry Data Security Standard (PCI DSS) Book Review (invitation only)

Signup Deadline: 22 Nov, 2023
Starts: 05 Dec, 2023
Ends: 02 Jan, 2024

Description:

Volunteers will participate in the review of ISACA’s update of the existing edition of the book, “A Practical Guide to the Payment Card Industry Data Security Standard (PCI DSS)”. The objective of the review is to reflect changes in PCI DSS standards, best practices, and associated guidance (e.g., COBIT 2019, COSO, ISO/IEC 27000, ISO/IEC 27001) since the current edition was published in 2015, all to ensure technical accuracy of the book.

Please note, this opportunity is by invitation only. Applications will not be accepted.

Anticipated Outcomes:

As part of the review, volunteers will:

  • Review the book’s text (approximately 393 pages).
    • Use knowledge of the current versions of the PCI standard and related frameworks (e.g., COBIT 2019, COSO, ISO/IEC 27000, ISO/IEC 27001) to provide a professional opinion about whether the text is technically accurate.
  • Review the book’s figures.
    • Ensure that figures are relevant and accurate. For example (relevancy), suppose an ISO/IEC control relates to asset ownership. In a mapping of PCI requirements to that ISO/IEC control, maintaining an information security policy would be relevant; however, restricting physical access to data would not be relevant. For example (accuracy), if a figure references DSS06.01 from COBIT 5, the reviewer should ensure that the correct mapping to COBIT 2019 is reflected in the new edition of the book.

 

Volunteer Criteria:

  • Invitation only
  • Familiar with the PCI Standard (Version 4.0)
  • Experience assessing PCI compliance or managing PCI compliance programs.
  • Mid to senior level audit/assurance work experience.
  • Preferred certifications: Any of the qualifications offered by the PCI Security Standards Council (e.g., Qualified Security Assessor, Internal Security Assessor, PCI Forensic Investigator); CISA certification; COBIT Certificates (e.g., COBIT Foundation, COBIT Design and Implementation).
  • Knowledge of COBIT 5 and COBIT 2019 either through study of the COBIT framework or through practical work experience using COBIT.
  • ISACA Membership not required.



Volunteer Benefits: 

  • Up to 20 CPE credits (max. 20 annually) in the area of Contributions to the Profession upon successful completion of the term.
  • Name listed in ISACA’s 2nd Edition of "A Practical Guide to the Payment Card Industry Data Security Standard (PCI DSS)" book as an Expert Reviewer.



All volunteers must have an ISACA Participation Agreement on file.  To see if your agreement is active, visit your volunteer profile. Access all volunteer policies here.

Interests:

Audit & Assurance
CISA
COBIT
Infosecurity/cybersecurity

Volunteers Needed:

12 (6 open slots)

Experience Required:

10+ Years Industry Experience

Engagement Points:

100

CPE Credits:

20

Staff Facilitator:

Paul Phillips

ISACA's Philosophy on Volunteer Engagement

ISACA encourages the active participation of our dedicated professional community in relevant, compelling and innovative activities at both the regional and international levels. With appreciation for the talent, expertise and experience each person contributes, volunteers and staff work collaboratively to fulfill ISACA's purpose and promise, while benefiting from incredible experiences and accomplishments that instill confidence in our professional and personal growth.