Prompt Business and organizations in the United States are required to comply with applicable regulations and mandates within their industry vertical. These requirements evolved from unsafe or illegal actions perpetrated within the various industries. Not all businesses are required to comply with all laws and regulations, only the ones that are applicable. As an IT professional, you are responsible for understanding what laws, regulations, and mandates pertain to your business and industry to ensure the appropriate safeguards are in place to prevent or reduce risk. Having a good relationship with management is essential in order to reduce risk, as most managers control the departmental budget but may not understand the requirements or what is needed to implement appropriate safeguards to meet compliance. You may need to share your knowledge and experience with management to make them aware of the risks and to secure the appropriate financial budget for procurement of the required safeguards. Specifically, the following critical elements must be addressed: Identify appropriate best practices of PCI DSS specific to the company's IT environment. Identify the touch points between the objectives and requirements of PCI DSS and company's IT environment. Determine appropriate best practices to implement when taking steps to