Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Queensland Police to audit PCI compliance

Queensland Police Service (QPS) will review its Payment Card Industry (PCI) compliance to address deficiencies in its current ICT systems

The Queensland Police Service (QPS) is to shortly carry out a series of Payment Card Industry (PCI) compliance assessments and reviews aimed at addressing any deficiencies or gaps in current ICT systems.

In QPS documents the agency said the assessments would examine the internet-facing components of its ICT systems, to identify any vulnerabilities that may lead to exploitation or expose the agency to unnecessary risk.

These potential risks include ensuring applications are developed to industry standards, reviewing HTML and Java Script in the agency’s confirm Web server interface services, and ongoing PCI compliance and system security optimisation.

According to the QPS, the agency in March 2010 implemented a CRM system to deliver a contact centre system as a public facing service. In November 2010 Weapons Licensing and Management Solution (WLMS) functionality was added to the CRM system, however this lead to an increase in processing overheads.

“A QPS business requirement is to reduce processing overheads on … staff in processing weapons licensing application for clients,” QPS documents on the project read.

“In order to achieve this outcome, the QPS is in the process of establishing an on-line capability for members of the public to lodge applications and corresponding electronic payments for weapons licensing through the internet.”

According to the documents, the WLMS solution is designed to include a number of forms, such as applications for weapons, which together with payments are processed through the QPS’ CRM system.

“In order to finalise such transactions there is a need for the enablement of online financial receipting services which in turn requires the ability to process payment via credit card and alternate payment facilities,” the documents read.

Earlier this month the QPS awarded Fujitsu A/NZ an $8 million contract to provide a new command and dispatch system to service increasing calls to its 000 emergency response service.

Under the terms of the deal Fujitsu will partner with Fortek Computers, the developer of the command and dispatch software package, to replace two systems currently operated by the QPS. The companies will design, implement and support the project.

Late last year the agency said it was in the process of upgrading its 2600 vehicles with cameras, automatic number plate recognition and an in-vehicle computing platform.

Department documents noted QPS was interested in providing those police officers operating in a mobile environment, with a capability to capture and record both digital images and voice data to aide in the collection of evidence to support activities and prosecutions.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Fujitsu, QPS
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: PCI compliance, PCI secuity standard
Latest Blog Posts
Whitepapers
  • 5 Best Practices for Achieving Peak Performance in SAP Environments
    Given how deeply businesses rely on their SAP systems, it’s simple to see that maximizing performance and uptime is critical. What’s not so simple is figuring out how to understand, let alone optimize, performance in these complex, dynamic, and interrelated ecosystems. This paper offers five best practices that can help administrators more effectively measure and improve SAP performance.
    Learn more »
  • EMC 15-Minute Guide to Smarter Backup Transform your future
    Backup and recovery has become fundamental part of business and an essential element of information management. Information is useless to customers, employees, or business partners can't access it when it is needed. Availability and integrity of information, of the lack of, can directly impact revenues and profits - as well as company reputations. Read more.
    Learn more »
  • Spear Phishing Attacks - Why they are successful and how to stop them
    There's been a rapid shift from broad, scattershot attacks to advanced target attacks that have had serious consequences for victim organisations. The increased use of spear phishing is directly related to the fact that it works, as traditional security defences simply do not stop these types of attacks. This paper provides a detailed look at how spear phishing is used within advanced attacks and the key capabilities organisations need in order to effectively combat these emerging and evolving threats.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments