Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rld pci compliance project

Published byLouisa Hopkins Modified over 6 years ago

Similar presentations

Presentation on theme: "Rld pci compliance project"— Presentation transcript:

1 Rld pci compliance project
Michelle Langehennig Chief Information Officer Regulation and Licensing Department

2 RLD Vision and Mission Boards and Commissions:
To ensure New Mexicans receive quality care and services from qualified professionals. Construction Industries Division: Provide code compliance oversight; issue licenses, permits and citations; perform inspections; administer exams; process complaints; and enforce laws, rules and regulations relating to general construction and manufactured housing standards to industry professionals.

3 Project Description Bring New Mexico’s Regulation & Licensing Department (RLD) into compliance with Payment Card Industry Data Security Standards (PCI DSS) Self Assessment Questionnaire (SAQ)-A compliance, reducing the expenses imposed by PCI with RLD’s current credit card payment methods.

4 Project Scope Redirect any of RLD’s self-hosted payment web pages to a custom payment page hosted by a PCI DSS 3.2 certified vendor. Separate all credit data from RLD’s infrastructure. One time cost to bring RLD into PCI compliance and minimize risks associated with hosting our own payment gateways.

5 Objectives Achieve full PCI DSS 3.2 compliance for RLD and associated Permitting and Licensing application to increase the security of the card-holder data environment (CDE) and to reduce or eliminate penalties imposed by financial service provider. Maintain PCI DSS 3.2 compliance through the life of the Permitting and Licensing programs and for as long as the PCI DSS compliance specification is relevant. Reduce long-term cost of achieving and maintaining PCI compliance over the current costs.

6 Deliverables PCI DSS 3.2 compliant payment portal that takes credit card payments from existing RLD applications, customizable and configurable by RLD IT staff. Customized code within existing RLD applications that point to the new payment portal. Policies and Procedures appropriate to the new SAQ-A environment.

7 Project Budget Item Cost Estimate CyberSource hosted payment portal
$267,400 hardware $67,000 RLD IT Staff $30,000 *Total $364,400 *IV&V not currently budgeted, as waiver is being requested.

8 Governance

9 Stakeholders name Stake in Project Organization
License & Permit Applicants Ability to Pay online general public requiring permits or licenses Front Desk Staff process applications and answer questions in person and via telephone RLD IT Operations staff Support the new system CID/MHD Director manage the division that processes applications for permits B&C Director manage the division that processes applications for licenses

10 Project Timeline Segment Network 3/31/2018 Payment Portal 6/30/2018
Acceptance 6/30/2018

11 Conclusion RLD is requesting certification of $67,000 for the Initiation Phase of the PCI Compliance Project.

Download ppt "Rld pci compliance project"

Similar presentations

IT Security Policy Framework

IT Security Policy Framework
Surviving the PCI Self -Assessment James Placer, CISSP West Michigan Cisco Users Group Leadership Board.

Surviving the PCI Self -Assessment James Placer, CISSP West Michigan Cisco Users Group Leadership Board.
Evolving Challenges of PCI Compliance Charlie Wood, PCI QSA, CRISC, CISA Principal, The Bonadio Group January 10, 2014.

Evolving Challenges of PCI Compliance Charlie Wood, PCI QSA, CRISC, CISA Principal, The Bonadio Group January 10, 2014.
.. PCI Payment Card Industry Compliance October 2012 Presented By: Jason P. Rusch.

.. PCI Payment Card Industry Compliance October 2012 Presented By: Jason P. Rusch.
Mobile Payment Security The Good, the Bad and the Ugly

Mobile Payment Security The Good, the Bad and the Ugly
MARTAs Road to PCI Compliance 1 Presenter: Yolanda Curtis, PMP AFC Project Manager.

MARTAs Road to PCI Compliance 1 Presenter: Yolanda Curtis, PMP AFC Project Manager.
1 Presented to Department of Information Technology Jan 28, 2009 New Mexico Department of Health ELECTRONIC REPORTING (e-Reporting) e-Reporting.

1 Presented to Department of Information Technology Jan 28, 2009 New Mexico Department of Health ELECTRONIC REPORTING (e-Reporting) e-Reporting.
Real Estate Project Regulation and Licensing Department Closeout Certification Meeting July 20, 2012 Lori Hewig, IT Director David Martinez, Project Manager.

Real Estate Project Regulation and Licensing Department Closeout Certification Meeting July 20, 2012 Lori Hewig, IT Director David Martinez, Project Manager.
Data Warehouse External Data Loads Implementation Certification May 27, 2009 Project Certification Committee May 27, 2009 1.

Data Warehouse External Data Loads Implementation Certification May 27, 2009 Project Certification Committee May 27,
Navigating Compliance Requirements DCM 6.2 Regs and Codes linford & co llp.

Navigating Compliance Requirements DCM 6.2 Regs and Codes linford & co llp.
© Vendor Safe Technologies 2008 B REACHES BY M ERCHANT T YPE 70% 1% 9% 20% Data provided by Visa Approved QIRA November 2008 from 475 Forensic Audits.

© Vendor Safe Technologies 2008 B REACHES BY M ERCHANT T YPE 70% 1% 9% 20% Data provided by Visa Approved QIRA November 2008 from 475 Forensic Audits.
Presented by : Vivian Eberhardt, Supervisor Cash and Credit Operations

Presented by : Vivian Eberhardt, Supervisor Cash and Credit Operations
Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?

Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?
Credit Card Changes that Impact You! Changes to Accounts Receivable, Cash Receipts and Student Billing 7.77 Wanda Mahon & Bucky Wall Corporate Readiness.

Credit Card Changes that Impact You! Changes to Accounts Receivable, Cash Receipts and Student Billing 7.77 Wanda Mahon & Bucky Wall Corporate Readiness.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
(rev 3/09) Stewardship, Accountability and Regulatory Compliance Jim Corkill Sandra Featherson Office of the Controller.

(rev 3/09) Stewardship, Accountability and Regulatory Compliance Jim Corkill Sandra Featherson Office of the Controller.
Web Advisory Committee June 17, 2009.  Implementing E-commerce at UW  Current Status and Future Plans  PCI Data Security Standard  Questions.

Web Advisory Committee June 17,  Implementing E-commerce at UW  Current Status and Future Plans  PCI Data Security Standard  Questions.
Introductions Jim Enzinna, Chief, Licensing Division Mark DiNapoli, Assistant Chief, Licensing Division Tracie Coleman, Head, Information Section Vince.

Introductions Jim Enzinna, Chief, Licensing Division Mark DiNapoli, Assistant Chief, Licensing Division Tracie Coleman, Head, Information Section Vince.
Payment Card Industry Data Security Standard (PCI DSS) By Roni Argetsinger 515-237-5007.

Payment Card Industry Data Security Standard (PCI DSS) By Roni Argetsinger
PCI DSS Managed Service Solution October 18, 2011.

PCI DSS Managed Service Solution October 18, 2011.

Similar presentations

Ads by Google