The word “scope” gets used a lot when you’re talking about PCI DSS. But it is also often misunderstood. This article provides some basic information about scope and how to start understanding what is in-scope for PCI DSS. Who is Responsible for Scoping? Both you and your QSA need to be able to understand the [...]
About Nicole Braun
This author has not yet filled in any details.
So far Nicole Braun has created 25 blog entries.
One of the most frequent questions we get is what the term “Significant Change” means for PCI. In this article we try to demystify this term a little and help you understand the various ways that the term is used in PCI DSS. What is Significant Change? The PCI SSC says that a significant change [...]
Every year, Verizon publishes a report on PCI DSS and the key findings from the year. 2019 was no different. One of the most interesting findings of this report is how few organisations have a programme in place to measure the maturity of the PCI compliance program. Approximately 60% of organisations that were surveyed did [...]
Overview The Payment Card Industry Data Security Standard (PCI DSS) is a set of twelve high-level requirements which all merchants and service providers who take card payments or who manage systems that are involved in transactions are required to follow. PCI DSS has high-level requirements and detailed testing requirements that need to be carried out [...]
OVERVIEW In April 2016, Version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) was released. This new version of the standard contains a number of new requirements which come into full force as of 1 February 2018. This document provides an overview of what is new in Version 3.2, separated by: Clarification of [...]