
Show HN: A PCI compliance advice site that is not trying to sell consutancy - jimnotgym
http://www.practicalpci.site
======
jimnotgym
PCI is a minefield. All the helps sites end up trying to sell you consultancy.
We are different. More to come, if people want it. How about free policy
templates?

~~~
nwrk
just a comment (example from your website):

\--

I outsource my payments so I am out of scope for PCI aren't I?

No you are not! If you process card details you are in scope, its just that
you may be able to reduce your exposure to security down to the minimum by
partnering with someone else

\--

[Why is missing ]

How do I know the above is true ? If you can cross-link your exact statements
with official documentation that would help [0][1].

Also believe, some sort of automatic consultancy in this field is viable
source of income.

PCI for humans kind of thing. Good luck!

[0] [https://www.pcicomplianceguide.org/pci-
faqs-2/](https://www.pcicomplianceguide.org/pci-faqs-2/)

[1]
[https://www.pcisecuritystandards.org/](https://www.pcisecuritystandards.org/)

~~~
jimnotgym
Thanks for your comments. I spent forever thinking about how to do something a
bit different in this sector. This version 1.0 is just a brain dump. If people
are interested I will re-factor the website in a pretty big way.

I think the valuable content is still to come. I am intending to post a lot
more help on how to write an information security policy for instance.

Automatic consultancy? Interested where you think that could go?

