Steve Ragan at the SecurityWeek site, wrote: "Painless PCI assessments are possible if you work for them. For most CISOs, the pain of an audit is part of the job, but it doesnt have to be the nightmare that most of the IT community envisions. While attending the SOURCE Boston conference last week, your faithful SecurityWeek correspondent attended a rather frank discussion centered on the pain of a PCI assessment, and why the said pain is completely unwarranted. Heres a recap of the talk. This is an interesting overview!
here is the article
here is the article