Univ. Controller
Mission Statement

Forms
OFIS User Request Form

Documentation
Organization Chart
OFIS Manual
Financial Reports

Policies
Travel Expense Policies
Travel Expense Changes
(Updated 3/31/05)
PCI Data Security

Procedures
Year End

Workshops
OFIS Training
UHR Workshops

Related Sites:
Reporting Financial Concerns
RIAS



Web design by PZ

Payment Credit Card Industry (PCI)
Data Security Requirements

All departments that accept, process, store and transmit credit card data as payments to the university must be in compliance with the Payment Card Industry (PCI) Data Security Program. The security program applies to all types of payments including in-person, mail, telephone and web transactions.

To achieve compliance, all departments must implement the PCI Data Security Standard, which was designed to create common industry standards and provides a single approach to safeguarding confidential credit card account data. Departments must also complete an annual Self-Assessment Questionnaire with the Director of Treasury Operations by August 15th. Departments must include a corrective action plan to rectify areas of non-compliance.

Important PCI Program Information:

• Notification letter from Jeffrey Apfel.
  
• Merchant Requirements for Securing Information.
  
• PCI Data Security Standards.
  
• PCI Self-Assessment Questionnaire for Terminal Merchants.
  
• PCI Self-Assessment Questionnaire for Web payments.
  
• Rutgers staff serving as PCI Data Security contacts.
  
• Visa's website on data security compliance.
  
• Visa's CISP Overview.
  
• Rutgers Security Information:
  - http://rusecure.rutgers.edu/
  - http://cirt.rutgers.edu
  
  
• What to do if compromised?.