What Policies are Required for PCI DSS? | Expert Advice from a QSA

July 10, 2009

What policies are required for PCI DSS compliance? As a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA), I am asked this question quite often. The first and most obvious thing to know is that Requirement 12, “Maintain an Information Security Policy,” mandates a whole host of policies and procedures.

What is less well known is that a number of further policies and procedures are scattered throughout the other 11 PCI DSS requirements, and these too must be developed in order to become PCI DSS compliant. This is where most merchants and service organizations need additional assistance, because you have to “read between the lines” on some of these requirements to understand which additional policies and procedures, beyond Requirement 12, you need to have in place.

Call me directly at 214-298-8532. As a QSA for our firm, I will be more than happy to discuss these with you, explain how to develop them, and provide you with templates for a marginal fee.

To learn more about PCI compliance and policies and procedures, visit pciassesssment.org
