PCI DSS resources

The PCI DSS is continually updated to combat emerging threats and changes in the market, such as mobile acceptance and Cloud computing. This green paper explains the changes to the Standard and the effect they may have on merchants and service providers.

This green paper will help organisations to effectively prepare for a PCI audit and ensure a successful audit outcome.

This green paper has been developed to provide readers with the practical knowledge required to identify the right SAQs (self-assessment questionnaires), allowing you to achieve full compliance with the PCI DSS.

This green paper is aimed at those implementing PCI DSS v3.2 and those conducting audits to make sure an organisation is compliant. 

This green paper will help organisations reduce their CDE (cardholder data environment) in order to minimise PCI DSS compliance costs.

This green paper attempts to demystify the PCI’s security testing requirements to help organisations comply with the Standard.

PCI DSS compliance, especially for RoCs and some SAQs, requires internal and external vulnerability scans, and frequent penetration tests. This webinar will cover the Standard’s requirements for security testing.

This webinar outlines the 12 requirements of the PCI DSS relating to the storage, transmission and processing of cardholder data.

This webinar has been developed to help organisations effectively prepare for a PCI audit and ensure a successful outcome. Although this webinar focuses on organisations that must undergo a PCI audit, many of the steps are relevant to any organisation that needs to meet the requirements of the PCI DSS.

Ideal for small merchants and service providers that are not required to submit a Report on Compliance (RoC), a self-assessment questionnaire (SAQ) is a self-validation tool to assess security for cardholder data. This webinar will provide the practical knowledge required to identify the right SAQ to achieve full compliance with the PCI DSS.

This free webinar provides step-by-step guidance on scoping the CDE. This includes gathering information, defining a perimeter and analysing data flow. The webinar also provides methods for reducing the scope.

Deploying security technologies can only go so far in protecting an organisation and helping maintain compliance. Policies are needed to address the weak link in security – people. This webinar will explain how to develop PCI policies.

This executive briefing outlines the PCI’s 12 requirements for storing, transmitting and processing cardholder data. 

Discover IT Governance’s approach of using the PCI DSS as a set of information security controls that can be effectively integrated within a broader cyber security framework to further reduce risk.

Find out how IT Governance helped Appletree Communications Ltd progress to the highest level of PCI compliance as a service provider, extending the payment gateway and payment processing arm of the business.