Myrsini is responsible for securing systems used to process credit card information. What security control framework should guide her actions?

The Payment Card Industry Data Security Standard (PCI DSS) governs the storage, processing, and transmission of payment card information. Among other things, the Sarbanes Oxley (SOX) Act regulates the financial reporting activities of publicly traded companies. The Health Insurance Portability and Accountability Act (HIPAA) regulates the handling of protected health information (PHI). The Gramm-Leach-Bliley Act (GLBA) regulates the handling of personal financial information.