You are hereInformation Security Policy / Purpose & Scope

Purpose & Scope


By Michael J - Posted on 24 January 2012

Purpose

This document details the security strategy for Tech Harbor in relation to the storage, processing and transmission of credit card data. Its aim is to provide a detailed understanding of Information Security responsibilities for all levels of staff, contractors, partners and third parties that access Tech Harbor’s credit card processing network.

As part of Tech Harbor’s Payment Card Industry (PCI) Compliance program, consideration has been made to Credit Card Processing operations. Guidelines and controls form an essential part of the company’s compliance status against the PCI Data Security Standard.


Scope

This document should be reviewed by parties involved with Tech Harbor’s credit card processing operations. Specifically:

  • Day-to-day credit card processing operations (including IT systems).
  • Implementation of new credit card processing systems.
  • Maintenance of existing credit card processing.

This document should also be used for reference purposes when Tech Harbor undertakes its annual PCI compliance review.  The policy framework maps directly to the PCI DSS.