Certified Chief Information Security Officer (CCISO) — Question 28
A global retail company is creating a new compliance management process.
Which of the following regulations is of MOST importance to be tracked and managed by this process?
Answer options
- A. Information Technology Infrastructure Library (ITIL)
- B. National Institute for Standards and Technology (NIST) standard
- C. International Organization for Standardization (ISO) standards
- D. Payment Card Industry Data Security Standards (PCI-DSS)
Correct answer: D
Explanation
The Payment Card Industry Data Security Standards (PCI-DSS) are crucial for any company handling credit card transactions, as they ensure the security of cardholder data. While ITIL, NIST, and ISO standards are important for overall IT governance and management, they do not directly address the specific requirements for payment card security, making PCI-DSS the most relevant regulation in this context.