What is meant by "Framework Implementation Tiers"? Why is it important for an organization to implement them? PCI DSS must ensure continuous improvement and monitoring. How does this requirement pertain to the Heartland payment security breach? What is the NIST Risk assessment procedure? Why does an organization need to be compliant with PCI DSS? What do you understand about its validation tool? Explain SAQ and QSA. Describe how an organization can use frameworks to create a new cyber security program or improve an existing program. Explain the importance of patch management.