An Information Security Management System (ISMS) is widely known in India as the basis for certifying an organization's information security, with over 400 companies certified to the ISMS standard by BSI. (The Annex A control references listed below are those of ISO/IEC 27001, the standard against which an ISMS is certified.)
An ISMS is designed to manage and continually improve an organization's information security as a whole, whilst PCI DSS is designed specifically to protect cardholder data. Dual certification to both PCI DSS and the ISMS standard therefore provides assurance to a broader range of stakeholders than either standard on its own.
To maintain both PCI DSS and ISMS certification, organizations must undergo an assessment every year: an annual PCI DSS assessment and an annual ISMS surveillance audit.
By conducting these as a joint assessment, organizations can avoid a good deal of duplicated evidence gathering and reduce business disruption, time and cost. For example, an organization that is already certified to the ISMS standard will already be operating many controls that map directly onto PCI DSS requirements, including:
A.11.2 User access management
A.11.4 Network access control
A.11.5 Operating system access control
A.12.6 Technical vulnerability management