Comparative Study between PCI-DSS v4.0 and ISO/IEC 27001:2022

Adesh Mukati, Dr. Astitwa Bhargava

Abstract: This research article presents a comparative study of the Payment Card Industry Data Security Standard (PCI-DSS v4.0) & the International Organization for Standardization's (ISO) 27001: 2022 standard, focusing on their approaches to information security management. The study analyses the key differences & similarities between the standards, focusing on their approaches to information security management. PCI-DSS v4.0 primarily focuses on securing payment card data, while ISO 27001: 2022 provides a broader framework for managing information security risks for all types of information assets. The study evaluates the benefits & challenges of implementing both standards, highlighting the need for significant resources & careful planning. The integration of both standards can align an "organization's information security efforts with global best practices & ensure continuous" improvement. The study recommends that organizations carefully assess their information security needs & resources before deciding to implement both standards.

Keywords: Payment Card Industry Data Security Standard (PCI-DSS v4.0), International Organization for Standardization (ISO) 27001: 2022, Payment card data, Information security management system, Financial information

How to Cite?: Adesh Mukati, Dr. Astitwa Bhargava, "Comparative Study between PCI-DSS v4.0 and ISO/IEC 27001:2022", Volume 12 Issue 6, June 2023, International Journal of Science and Research (IJSR), Pages: 2936-2951, https://www.ijsr.net/getabstract.php?paperid=SR23711142455, DOI: https://dx.doi.org/10.21275/SR23711142455