Document Comparison
PCI-DSS-v3-2-1-to-v4-0-Summary-of-Changes-r1.pdf
→
PCI-DSS-v3-2-1-to-v4-0-Summary-of-Changes-r2.pdf
98% similar
36 → 36
Pages
11087 → 11159
Words
6
Content Changes
Content Changes
6 content changes. 34 administrative changes (dates, page numbers) hidden.
Added
p. 2
December 2022 2 Errata update to add a description of the change made to Requirement 6.3.3 and to correct the entry in the Summary of New Requirements table for Requirement 3.6.1.1.
Added
p. 17
Evolving requirement 8.7 7.2.6 Moved requirement since it aligns better with the content in Requirement 7.
Modified
p. 1
Payment Card Industry Data Security Standard Summary of Changes from PCI DSS Version 3.2.1 to 4.0 Revision 1
Payment Card Industry Data Security Standard Summary of Changes from PCI DSS Version 3.2.1 to 4.0 Revision 2
Modified
p. 15
Evolving requirement 6.6 6.4.1 Moved requirement for addressing new threats and vulnerabilities for public-facing web applications under Requirement 6.4.
Evolving requirement 6.2 6.3.3 Changed the applicable security patches to be installed within one month of release from “critical security patches” to “critical or high-security patches/updates.” Evolving requirement 6.6 6.4.1 Moved requirement for addressing new threats and vulnerabilities for public-facing web applications under Requirement 6.4.
Modified
p. 15 → 16
Clarification or guidance 6.4.1 6.5.3 Changed term from “development/test and production” to “production and pre-production” environments.
Clarification or guidance 6.4.2 6.5.4 Changed term from “development/test and production” to “production and pre-production” environments. Changed term “separation of duties” and clarified that separation of roles and functions between production and pre-production is intended to provide accountability so that only approved changes are deployed.
Removed
p. 16
Evolving requirement 7.2.5.1 New requirement for review of all access by application and system accounts and related access privileges. This requirement is a best practice until 31 March 2025.