1. INTRODUCTION AND SCOPE
Introduction
This document explains EXXO Capital & Futures’ information security requirements for all employees. EXXO Capital & Futures’ management has committed to these policies to protect information utilized by EXXO Capital & Futures in attaining its business goals. All employees are required to adhere to the policies described within this document.
Regulatory Compliance
The Payment Card Industry Data Security Standard (PCI DSS) Program is a mandated set of security standards that were created by the major credit card companies to offer merchants and service providers a complete, unified approach to safeguarding credit cardholder information for all credit card brands.
In September of 2006, a group of five leading payment brands, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, jointly announced the formation of the PCI Security Standards Council, an independent council established to manage the ongoing evolution of the PCI standard. Concurrent with the announcement, the council released version 1.1 of the PCI standard.
The PCI Data Security Standard requirements apply to all payment card network members, merchants and service providers that store, process or transmit cardholder data. The requirements apply to all methods of credit card processing, from manual to computerized; the most comprehensive and demanding requirements apply to e-commerce websites and to retail POS systems that process credit cards over the internet.
During the normal course of compliance and reporting activities, EXXO Capital & Futures will ensure that proper scoping of compliant PCI operations and reporting is in effect.
Scope of Compliance
This Information Security Policy applies to all “system components.” System components are defined as any network component, server, or application that is included in or connected to the company’s information environment. The company information environment is that part of the network that possesses company information. For example, the following types of systems would be in scope for compliance within any environment:
- Systems storing company information (e.g. databases, PCs used by accounting for generating reports)
- Systems processing company information (e.g. web servers, application servers, etc.)
- Network devices transporting or directing company information traffic (e.g. border router, DMZ firewall, intranet firewall, etc.)
- Devices that create media containing company information (e.g. fax machine, printer, backup tape silo)
- Support systems (e.g. Active Directory, PCs performing support functions such as system administration, etc.)
For EXXO’s complete PCI-DSS policies, please email compliance@exxocapitalfutures.com.