The PCI has released a brand new document on implementing an awareness program and it is really good.

While the IBM iSeries AS/400 comes out of the box with the industry's best security, employing requires active management.  The PCI has developed the World Class "Best Proactices" standards from which you can build your strategy.  Take advantage of the FREE resource.

In order for an organization to comply with PCI DSS Requirement 12.6, a formal security awareness program must be in place. There are many aspects to consider when meeting this requirement to develop or revitalize such a program. The best practices included in this information supplement are intended to be a starting point for organizations without a program in place, or as a minimum benchmark for those with existing programs that require revisions to:

Establishing and maintaining information-security awareness through a security awareness program is vital to an organization’s progress and success. A robust and properly implemented security awareness program assists the organization with the education, monitoring, and ongoing maintenance of security awareness within the organization.

This guidance focuses primarily on the following best practices:



Click the Table of Contents or CLICK HERE to Download