Eight Steps to Take Toward PCI DSS v4.0
The clock is ticking on PCI DSS v3.2.1. On 31 March 2024, PCI DSS v3.2.1 will be retired, making the transition to PCI DSS v4.0 essential for organizations involved in …
Recent Updates RSS
The latest changes across all tracked PCI resources.
Spotlight On: Checkout.com, a New Principal Participating Organization
Welcome Checkout.com, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Colette Hanley, Vice President Technology Risk …
PCI Security Standards Council Bulletin: Secure Software Standard: Web Software Module Assessor Training Now Available
R&H ISAC and PCI SSC Present: Tips for Transitioning to PCI DSS v4.0 - A Conversation with Target
In this episode, Retail & Hospitality ISAC podcast host Luke Vander Linden is joined by co-host Alicia Malone, senior manager of public relations at PCI SSC, Kandyce Young, manager of …
PCI Security Standards Council Bulletin: Technical FAQs for Secure Software Standard v1.x Published
Spotlight On: Bank of America, a New Principal Participating Organization
Welcome Bank of America, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Tim Thomas, VP, Sr. …
Watch Questions with the Council: What to Know About PCI DSS v4.0 Training
In the third installment of the “Questions with the Council” video series, Senior Manager, Tom White answers the payment industry’s questions about PCI DSS v4.0. The questions focus specifically on …
5 Reasons to Become an Associate PO
PCI Security Standards Council (PCI SSC) Associate Participating Organizations (APOs) are vital contributors to the mission of helping secure payment data globally. As an APO, you join a growing community …
Coffee with the Council Podcast: Meet the Council’s Regional Director, Latin America and the Caribbean
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today we'll meet the Council's Regional …
Extra Compensating Controls Worksheet
PCI Security Standards Council Bulletin: Secure Software v1.2 ROV and AOV Published
Secure Software Report on Validation (ROV) Template
Updated version published, replaces version from
Secure Software Attestation of Validation (AOV)
Updated version published, replaces version from
What is the meaning of ?initial PCI DSS assessment??
An initial assessment means an entity has never undergone a prior PCI DSS assessment that resulted in the submission of a compliance validation document. Examples of validation documents include an …
Can SAQ eligibility criteria be used for determining applicability of PCI DSS requirements for assessments documented in a Report on Compliance?
Merchants and service providers should always consult with their acquirer (merchant bank) or payment brand directly, as applicable, to confirm their PCI DSS validation and reporting method (for example, whether …