The PCI Journey
If you’re just starting out with PCI, you probably have questions about how you get from where you are to fully compliant.
When you first start out, the compliance journey might look and feel a little something like this:
You might not know what questions to ask. You might start out by focusing on what you have to report on before understanding your scope. You might try to fix gaps in your processes before really understanding what gaps PCI DSS is looking for you to fix. In short, sometimes the PCI journey is a bit of a winding road.
What usually happens if you go in unprepared is that you spend a lot of time jumping between the various parts in the journey. And quite often it means asking the same question multiple times.
At Confide, we want to help take you from the winding road of PCI compliance and help you find a smooth path to get from where you are (at whatever stage), through to PCI compliance.
In an ideal world, that journey might look a bit more like the diagram below, which follows a much straighter path through your compliance processes.
First you start by getting an understanding of what PCI is, figuring out where you fit into the PCI requirements by understanding whether you are a merchant or a service provider, and then by working through the requirements and finding out where there are gaps that you need to fix.
While you may still have to revisit certain areas, we hope that with some of the information below you’ll be able to go into your PCI journey well prepared for the steps along the way.
To start you out on this journey, we’ve put together some articles which might help with some of the basics. We won’t be able to answer every question here, but we hope it will help get you started in thinking about your own PCI journey.