Free PDF download: PCI DSS Compliance – Simplifying your requirements and SAQ submissions
The PCI DSS (Payment Card Industry Data Security Standard) consists of a standardised, industry-wide set of requirements and processes for various security controls, ensuring that payment card and cardholder data are protected. In total, there are 6 control objectives, which are split into 12 requirements. These are further divided into hundreds of sub-requirements. However, you may only need to comply with a small subset of the requirements, depending on how you take payments.
Organisations within scope of the Standard must validate their compliance annually, either via an audit led by a qualified third party or by completing an SAQ (self-assessment questionnaire). Because the exact PCI DSS requirements vary so much between organisations, depending on how payment is taken and cardholder data is processed, there are nine different SAQs, some shorter and more straightforward to complete than others.
Download this paper to learn:
- The benefits of PCI DSS compliance;
- How to minimise the compliance burden by reducing your scope; and
- How to choose the right SAQ(s) under the PCI DSS v3.2.1.