Easy1 markMultiple Choice

Area II: SecurityRegulationsPCI DSSArea II

CPA · Question 12 · Area II: Security

A company processes credit card transactions. Which standard is MOST applicable to their environment?

Answer options:

A.

HIPAA

B.

GDPR

C.

PCI DSS

D.

FERPA

How to approach this question

Identify the standard specific to payment cards.

Full Answer

C.PCI DSS✓ Correct

PCI DSS

PCI DSS applies to all entities involved in payment card processing.

Common mistakes

Selecting GDPR because credit card info is personal data (true, but PCI DSS is the specific industry standard).

Question 11 All questions Question 13

Practice the full CPA ISC Practice Exam 2

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A service organization provides a cloud-based payroll platform where clients access the software ...Medium Q02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...Hard Q03During a walkthrough of the change management process, an auditor observes that developers have w...Medium Q04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...Hard Q05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium

View all 82 questions →