Latest changes to PCI SSC frequently asked questions.
All service providers are responsible for meeting PCI DSS requirements for their environments as applicable to the services offered to their customers. In addition, PCI DSS Appendix A1: Additional PCI …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …
No. PCI SSC does not require that an entity’s assessor go onsite to the entity’s TPSP and retest PCI DSS requirements that have already been covered in the TPSP’s current …
If the TPSP undergoes its own PCI DSS assessment, it is expected to provide sufficient evidence to its customers to verify that the scope of the TPSP's PCI DSS assessment …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant?s PFI Investigation and produce the PFI Final Report, with details of adequate evidence …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant?s PFI Investigation and produce the PFI Final Report, with details of adequate evidence …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …
When an entity (the TPSP customer) uses one or more TPSPs for functions within or related to the customer's cardholder data environment, it will impact the customer's PCI DSS compliance, …
Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …
