The objective of the PCI DSS Compliance Program audit/assurance review
is to provide management with an independent assessment relating to the
governance, effectiveness and efficiency of PCI DSS security requirements
across the enterprise, including the management of services that are delivered
by external providers.
Note: This is not a PCI DSS controls assessment. This audit/assurance program has been developed to assess the development and maintenance of a
strategy to implement the necessary controls to achieve compliance.
An internal controls questionnaire(ICQ) is included to assists enterprises with defining the scope
of the assurance engagement and can be used during the exploration period of
an audit engagement.
>Published by ISACA,PCI Compliance,Networking,Vulnerabilities,COBIT 5