Building a Library of Best Practices

Last month, the National Retail Federation (NRF) announced it would develop an IT Best Practices reference library to provide guidance for implementing effective retail business processes.

The first installment in the library will address compliance with the Payment Card Industry (PCI) requirements. NRF’s initial goal will be to define best practices on each of the 12 basic PCI audit points, including variations by retail segment. The objective is to complete these best practices in the first half of 2008.

Following the creation of best practices on PCI compliance, the library will add guidelines to address privacy, spam control, environmental protection, record retention and data management.

NRF has established a sub-committee, comprised of its CIO Council and supplemented with technical assistance from the Association for Retail Technology Standards’ (ARTS) committees, to develop these best practices.

Guidelines for defining the best practices will be established by collecting information from retailers and vendors on how processes are currently managed. The collected data will be analyzed and amalgamated into a draft of proposed best practices. This draft will be posted online for additional critique and suggestions before the committee submits final best practices to the library.