Marie-Christine Vittet PCI DSS Program Director July 2013

Presentation transcript:

Accor PCI DSS Project
Marie-Christine Vittet, PCI DSS Program Director, July 2013

Accor Group Presentation

PCIDSS scope in Accor
Accor Central (Merchant Level 1)
Accor Central covers the distribution system: central reservation systems, web & e-commerce systems, call centers, and the different interfaces with Global Distribution Systems and online Travel Agency systems available for Accor hotels.
Hotels (Merchant Level 4)
Owned & Leased hotels (subsidiaries): operated and controlled by ACCOR Group, Owned and Leased hotels are under ACCOR's responsibility.
Managed & Franchised hotels:
- Managed hotels: ACCOR manages a hotel on behalf of an owner under an ACCOR brand. The hotel benefits from all the distribution and marketing know-how of the group.
- Franchised hotels: In contrast to the management contract, the hotel is managed by an independent owner who uses an ACCOR brand and the distribution system.
QSA audit, SAQ

PCI DSS - Accor Governance
- ACCOR Steering Committee: Accor Executive Attendance, Quarterly basis
- ACCOR Coordination Committee: Track Leader Attendance (Operations, IT, Distribution, Call Center, Legal & Treasury), Monthly basis
- ACCOR Country Committee: Local Representative Attendance (IT, Operations, Finance, HR & Legal)
- ACCOR Meeting with Schemes: Biannual Bilateral meetings
Support & Validate, Organize & Monitor, Roll-Out, Report

PCI DSS - Accor Program Kit
PCI Program kit is ready to be implemented!
- PCI DSS Compliance in Accor document
- Accor PCI eModule
- Policies and Procedures (3 Quick-wins)
- Guideline for hotels renovation
Under construction: PCI Hotel Portal, User training, IP Scanning, Policies and Procedures Templates, Online SAQ

Accor PCI eModule
This formal security awareness program is based on a 50-minute eModule. Each Accor employee dealing with payment card data must follow this program at least once per year. The training ends with a questionnaire that must be completed to obtain the certification.

Accor PCI eModule testimony
"The PCI e-Module clearly demonstrates how the hotel staff could comply with PCIDSS in their daily work in a very simple and easy to understand approach." NG Joseph, PMS Manager - Asia/Singapore
"The e-module is very clear and pointed out risks I was not aware of. I have learned a lot!" Lassing Annelies, Pricing & Distribution Support Manager/ STAR - HQ Amsterdam
"It's really good – and simple to understand. Think it's a good tool to remind everybody about security rules – also for his personal interest and data." Frankenhauser Silvia, Manager Distribution Systems/ Commercial - HQ Munich

Accor PCI project: Contact
Contact: Marie-Christine VITTET, Accor - PCI DSS Program Director
Email: marie-christine.vittet@accor.com
Thank you for your attention