PCI Compliance Policy for Ignite Comps

1. Purpose

The purpose of this PCI compliance policy is to establish guidelines and procedures to ensure that Ignite Comps maintains compliance with the Payment Card Industry Data Security Standard (PCI DSS). Ignite Comps is committed to protecting the security and privacy of payment card information processed through its website. This policy outlines responsibilities, procedures, and measures to mitigate risks associated with handling payment card data.

2. Scope

This policy applies to all employees, contractors, and third-party service providers who handle payment card information on behalf of Ignite Comps. It encompasses all systems, processes, and technologies involved in the collection, processing, transmission, and storage of payment card data.

3. Compliance Responsibilities

  • Management: Senior management is responsible for overseeing and ensuring compliance with PCI DSS requirements. This includes allocating resources, defining roles and responsibilities, and establishing a culture of security awareness.
  • IT Department: The IT department is responsible for implementing and maintaining secure systems, networks, and applications in accordance with PCI DSS requirements. This includes regular monitoring, vulnerability assessments, and patch management.
  • Security Officer: A designated security officer is responsible for overseeing the implementation of security measures, conducting risk assessments, and ensuring compliance with PCI DSS requirements.
  • Employees: All employees are responsible for adhering to PCI DSS policies and procedures, safeguarding payment card data, and reporting any security incidents or potential vulnerabilities.

4. Payment Card Data Handling

  • Ignite Comps shall use only PCI DSS-compliant third-party payment processors to handle payment card transactions.
  • No payment card data shall be stored, processed, or transmitted on Ignite Comps’ systems or networks. All payment card data shall be entered directly on the third-party payment processor’s secure platform.
  • Employees shall not request, collect, or store payment card information from customers under any circumstances.

5. Security Measures

  • Ignite Comps shall implement and maintain appropriate security measures to protect payment card data from unauthorized access, disclosure, alteration, or destruction.
  • Access to systems and networks handling payment card data shall be restricted to authorized personnel only. User access shall be based on the principle of least privilege.
  • Ignite Comps shall encrypt all sensitive data transmitted over public networks using strong encryption protocols.
  • Regular security assessments, including penetration testing and vulnerability scanning, shall be conducted to identify and address potential security vulnerabilities.

6. Incident Response

  • Ignite Comps shall maintain an incident response plan to promptly address security incidents related to payment card data. The plan shall include procedures for reporting, investigating, and mitigating security incidents.
  • Employees shall be trained to recognize and report any suspected security incidents or breaches involving payment card data.

7. Training and Awareness

  • Ignite Comps shall provide regular training and awareness programs to educate employees about PCI DSS requirements, security best practices, and their roles and responsibilities in safeguarding payment card data.

8. Compliance Monitoring and Reporting

  • Ignite Comps shall conduct regular audits and assessments to monitor compliance with PCI DSS requirements.
  • Compliance reports shall be provided to senior management and relevant stakeholders on a periodic basis.

9. Non-Compliance

  • Non-compliance with this PCI compliance policy may result in disciplinary action, termination of employment, or legal consequences.
  • Ignite Comps shall promptly address and remediate any identified non-compliance issues to maintain the integrity and security of payment card data.

10. Policy Review and Updates

  • This PCI compliance policy shall be reviewed and updated annually or as necessary to reflect changes in business operations, technology, or regulatory requirements.
  • Any updates or revisions to the policy shall be communicated to all relevant stakeholders, and training shall be provided as needed.

11. Conclusion

Ignite Comps is committed to maintaining the highest standards of security and compliance with PCI DSS requirements to protect the confidentiality, integrity, and availability of payment card data. All employees, contractors, and third-party service providers are expected to adhere to this policy and support efforts to safeguard payment card information effectively.

