PCI DSS v3.0 was released on the 7th November 2013 and features changes across all the 12 requirements of the standard. According to comments we’ve received, online publications and social media chatter, the majority of these changes have been accepted with open arms, however a few have been subject to some criticism.
The fact remains that organisations that store, transmit or process card holder data must comply with PCI DSS and therefore understanding the changes is important.
Implementing Version 3
PCI DSS v 3.0 will become applicable on 1st January 2014 and as you’d expect, there is a 12 month grace period which will allow organisations to have the time they need to comply with version 3.
IT Governance have designed a survey to establish how companies are going about achieving compliance with the standard, what challenges they face and how prepared they are for transitioning to v3.
The survey takes no longer than 2 minutes to complete and in exchange for your time we’ll send you a link to the full ‘PCI DSS V3.0: The Changes Explained – Simply’ webinar. This webinar took place on the 26th November 2013 and was led by Geraint Williams, PCI QSA and CREST-registered Tester. You can see a teaser of this webinar below.