NotesFAQContact Us
Collection
Advanced
Search Tips
Peer reviewed Peer reviewed
Direct linkDirect link
ERIC Number: EJ1031016
Record Type: Journal
Publication Date: 2013
Pages: 8
Abstractor: As Provided
Reference Count: 39
ISBN: N/A
ISSN: ISSN-1055-3096
Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry
Willey, Lorrie; White, Barbara Jo
Journal of Information Systems Education, v24 n3 p181-188 Fall 2013
Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for organizations operating within the credit card payment industry serves as an excellent example of a real-world security standard that lends itself to classroom study. The establishment and requirements of the Payment Card Industry Data Security Standard (PCI DSS), and the associated consequences for noncompliance, represents a businesslike approach to the organizational protection of data that students will find interesting and one to which they will relate. Everybody uses credit cards! Incorporating the topic of PCI DSS into an activity allows students to learn and apply PCI DSS concepts to a business setting. Just asking "If everyone uses credit cards, why don't all businesses accept them?" will start a process of exploration for the class. A hypothetical business teaching case, "Blue Mountain Jams" ("BMJ"), illustrates the challenge of PCI DSS mandates for small businesses. Small business is given some leeway in self-assessment under PCI DSS to document compliance after the decision is made to accept credit card payments. That leeway gives students the opportunity to learn and analyze the PCI DSS requirements and compliance methods and to determine the best course of action for a business that has made the decision to start accepting credit cards.
Journal of Information Systems Education. e-mail: editor@jise.org; Web site: http://www.jise.org
Publication Type: Journal Articles; Reports - Descriptive
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A