CHAPTER 5: HOW DO YOU COMPLY WITH THE REQUIREMENTS OF THE STANDARD?

 

All organisations must comply. There are two options for demonstrating compliance: an annual on-site security audit and the submission of four passing quarterly network scans by an ASV, or completion of a Self-Assessment Questionnaire, in some cases together with a submission of four passing quarterly network scans. Which option applies to any one organisation is determined by transaction volume and whether or not there has previously been a security breach.

The major global payment brands require that every entity – including financial institutions, merchants and service providers – that stores, processes, or transmits payment card data, in every channel – including catalogue ...

Get PCI DSS: A Pocket Guide 4th edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.