Any merchant or service provider that stores, processes or transmits cardholder data is required to comply with the PCI DSS (Payment Card Industry Data Security Standard). The Standard specifies 12 requirements, which are organised into six control objectives relating to the storage, transmission and processing of cardholder data.
Developed and maintained by the PCI SSC (Payment Card Industry Security Standards Council), the requirements apply to "all system components included in or connected to the cardholder data environment” – i.e. the “people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data”.
Failure to meet the 12 requirements could mean a fine or the termination of credit card processing privileges.
Watch our free introductory webinar to the PCI DSS
If you would like to find out about the PCI DSS, download our free webinar: PCI DSS webinar: Challenge or opportunity?
It provides an overview of the PCI DSS and how it applies to your organisation, including:
- The basics of the PCI and the steps to becoming compliant.
- The biggest payment security challenges facing organisations.
- QSA (Qualified Security Assessor) insight to help you achieve and maintain compliance.
- How the PCI DSS can help you meet the requirements of the EU GDPR (General Data Protection Regulation).
Discover our range of best selling PCI DSS products and services
IT Governance provides services to support you at each stage of your organisation’s PCI DSS compliance project. Whether you need to conduct a gap analysis, reduce the scope of your cardholder data environment, conduct a risk assessment or test the security of your systems and processes, we can help.
View our range of best selling products and services below.