Common use of Credit Card (PCI Clause in Contracts

Credit Card (PCI. Security Incident Response Plan 1. Each department must report an incident to the Information Security Officer (preferably) or to another member of the PCI Response Team. 2. That member of the team receiving the report will advise the PCI Response Team of the incident. 3. The PCI Response Team will investigate the incident and assist the potentially compromised department in limiting the exposure of cardholder data and in mitigating the risks associated with the incident. 4. The PCI Response Team will resolve the problem to the satisfaction of all parties involved, including reporting the incident and findings to the appropriate parties (credit card associations, credit card processors, etc.) as necessary. 5. The PCI Response Team will determine if policies and processes need to be updated to avoid a similar incident in the future, and whether additional safeguards are required in the environment where the incident occurred, or for the institution. Stockport School PCI Security Incident Response Team: Business Manager SMBC Audit Governing Body Information Security PCI Incident Response Procedures: • If the Finance Department reasonably believes it may have an account breach, or a breach of cardholder information or of systems related to the PCI environment in general, it must inform Stockport School PCI Incident Response Team. After being notified of a compromise, the PCI Response Team, along with other designated staff, will implement the PCI Incident Response Plan to assist and augment departments’ response plans. In response to a systems compromise, the PCI Response Team and designees will: 1. Ensure compromised system/s is isolated on/from the network. 2. Gather, review and analyze the logs and related information from various central and local safeguards and security controls 3. Conduct appropriate forensic analysis of compromised system. 4. Contact internal and external departments and entities as appropriate. 5. Make forensic and log analysis available to appropriate law enforcement or card industry security personnel, as required. 6. Assist law enforcement and card industry security personnel in investigative processes, including in prosecutions. The credit card companies have individually specific requirements that the Response Team must address in reporting suspected or confirmed breaches of cardholder data. See below for these requirements. Incident Response notifications to various card schemes 1. In the event of a suspected security breach, alert the information security officer or your line manager immediately. 2. The security officer will carry out an initial investigation of the suspected security breach. 3. Upon confirmation that a security breach has occurred, the security officer will alert management and begin informing all relevant parties that may be affected by the compromise.