NDB Advisory What Is PCI?

Core Principles of PCI DSS Framework

As stated by the Payment Card Industry (PCI) Security Standards Council (SSC):

"The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data."

Source: http://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

The core principles of the PCI DSS framework consist of twelve (12) Payment Card Industry (PCI) Data Security Standard (DSS) requirements, organized under six (6) functional areas, commonly known as “Control Objectives”. Each functional area, or control objective, has specific requirements that must be initiated, in place and undertaken to meet the overall objective of PCI DSS. It's important to note that the PCI DSS, though specific and granular in its requirements, is not a one-size-fits-all approach.

Different entities involved in the processing, storage, or transmission of transaction data or cardholder data will invariably have different requirements and benchmarks to meet, based on a number of parameters, such as transaction processing volume and other factors taken into consideration for PCI DSS compliance.

Author: Charles Denyer
