SISA Technical Session for ISACA Silicon Valley

PRLog (Press Release) - Mar. 19, 2012 - The new PCI DSS Version 2.0 mandates a risk assessment as per a formal methodology. However the standard is silent on what are the expectations of risk assessment under the standard. This leads to ambiguity and conflicting interpretations of Requirement 12.1.2 which mandates a formal risk assessment process. The speaker, who is the one of the proposers of the Special Interest Group (under the PCI Council) for PCI Risk Assessment shared some of the insights on how this important requirement should be addressed.

The session was well received by the audience and the quality of the presentation was well appreciated by the audience.

Dharshan Shanthamurthy is the CEO of SISA Information Security and is a Risk Assessment veteran with deep skills in scoping, designing and implementing security at the enterprise level security. Trained at the CERT®, (at Software Engineering Institute, Carnegie Mellon University) on OCTAVE Risk Assessment Methodology in 2003 as an Authorized Trainer and Advisor, he is experienced in large-scale security risk assessments at the enterprise level for Fortune 500 companies.

# # #

SISA = "Information Security Specialists"

SISA, a pioneer in Information Security Risk Assessments has over the last few years expanded its services horizon and has emerged as a leading Information Security Specialist company.