CHAPTER 5: HOW DO YOU COMPLY WITH THE REQUIREMENTS OF THE STANDARD?

All organisations must comply. There are two options for demonstrating compliance: an annual on-site security audit together with the submission of four passing quarterly network scans by an ASV, or completion of a Self-Assessment Questionnaire; in all cases, four passing quarterly network scans must be submitted. Which option applies to any one organisation is determined by transaction volume and whether or not there has previously been a security breach.

The major global payment brands require that every entity – including financial institutions, merchants and service providers – that stores, processes, or transmits payment card data, in every channel – including catalogue ...
