PCI DSS Requirements | Talk to a QSA for Expert Advice | PCI DSS
December 9, 2009
PCI DSS requirements can be a daunting challenge for today’s merchants and service providers that have to become Payment Card Industry Data Security Standards (PCI DSS) compliant. In addition, there are varying levels of compliance for both merchants and service providers. There are self-assessment questionnaires (SAQ) that can be completed to achieve compliance, and there are on-site PCI DSS assessments conducted by a Qualified Security Assessor (QSA), who is licensed to undertake these assessments for companies through the Payment Card Industry Security Standards Council (PCISSC).
Whatever your needs are for PCI DSS compliance, you need to understand the scope of the engagement and which systems are in “play” for PCI compliance. Most merchants, as stated earlier, can conduct a self-assessment, but this is easier said than done, as there are a number of requirements that have to be in place. To be blunt, it is not simply a matter of “checking the box”: there are activities that must be validated for compliance. For larger merchants and service providers, a PCI DSS Readiness Assessment is an excellent tool for understanding the scope of the assessment itself and which areas your organization will have to remedy before even starting to think of obtaining compliance. I am a lead QSA for NDB Advisory; you can call me directly at 1-800-277-5415, ext. 705, and I will be more than happy to assist you.
-Charles Denyer
Payment Card Industry Qualified Security Assessor (PCI QSA)

