Basket
United Kingdom
Select regional store:
GRC Solutions x Digital Trust Consulting. One partner for complete cyber resilience
Security testing solutions The PCI DSS (Payment Card Industry Data Security Standard) PCI DSS Checklist

PCI DSS Checklist

The PCI DSS (Payment Card Industry Data Security Standard) is a global standard for securing payment card data. It was developed by the PCI SSC (Security Standards Council) to help organisations protect cardholder data and reduce the risk of fraud.

Speak to an expert

For more information about the PCI DSS and what your organisation needs for compliance, please get in touch with one of our experts using the icons below. 

Who the PCI DSS applies to

The PCI DSS applies to any organisation that stores, processes or transmits cardholder data, regardless of size or transaction volume. This includes:

  • Merchants (online and in-person)
  • Service providers handling cardholder data on behalf of others
  • Payment processors

Compliance Requirements

Organisations must comply with 12 high-level requirements, grouped into six control objectives. Exact compliance obligations vary based on the organisation’s merchant level, which is defined by the number of transactions processed annually and the associated risk.

Consequences of non-compliance

  • Card brands may fine acquiring banks if their merchants are found to be non-compliant or involved in a data breach.
  • Acquiring banks may in turn:
    • Pass costs or penalties on to merchants
    • Increase transaction fees
    • Withdraw the ability to process card payments
  • Additional consequences include:
    • Legal liability in the event of a breach
    • Reputational damage and loss of customer trust
Progress 0/33
 

0% Complete

Reset Progress

PCI DSS compliance checklist

This checklist outlines the key steps and controls organisations should address to comply with the PCI DSS.

Done

How IT Governance, a GRC Solutions company, can help

PCI DSS compliance is an ongoing process. As a PCI QSA company, we support you at every stage – from reducing your cardholder data scope to conducting gap analyses, risk assessments and penetration tests.

Speak to a PCI DSS expert today

 

Find the expert you need

Choose a service
Or choose a subject

If you need technical support please, contact us .

Fill in the form to request a callback