Dave Vroman (6/20/2013)
I didn't do that portion of the requirement. I only got the results. I wrote their encryption package and their encryption interface fully compatible with classic ASP, VB.NET, ASP.NET and VB6 and SQL. I was in charge of the DTS / SSIS packages and needed results from them and ran into several roadblocks. The compliance requirements were especially stringent because the web site got hacked with all of the resulting hassles.
I no longer work there and I don't deal with PCI any more. Thank Goodness. BTW: The PCI which we were required to do was because of a law suit and the court was much more restrictive.