The PCI DSS must be met by all organisations (merchants and service providers) that transmit; process or store payment card data. It is a contractual obligation applied and enforced – by means of fines or other restrictions – directly by the payment providers themselves.
PCI DSS compliance requirements
The Standard basically requires merchants and member service providers (MSPs) who store, process or transmit cardholder data to:
- Build and maintain a secure IT network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy.
If you want to simplify the business of PCI DSS compliance, this toolkit is for you:
|PCI DSS v1.2 Documentation Compliance Toolkit
This PCI DSS compliance toolkit is specifically designed to help payment card-accepting organisations quickly create all the documentation required to affirmatively answer the requirements of the PCI DSS as set out in the Self Assessment Questionnaire (v1.2).
This unique toolkit contains a full set of documentation templates for the all mandatory PCI DSS policies, as well as implementation guidance and ISO27001 cross-mapping.
Order this PCI DSS v1.2 Compliance Toolkit today – it will simplify documentation & compliance, particularly for level 2, 3 and 4 merchants!