PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders’ personal information. All card brands require compliance with the Payment Card Industry Data Security Standard (PCI DSS).

The 6 Major Principles of PCI DSS

The PCI DSS requirements are grouped under six distinct goals. Together the six goals cover the 12 requirements of the PCI DSS.

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Maintain an information security policy

Direct public access between the internet and any system component within the cardholder data environment (CDE) must be prohibited; inbound internet traffic is limited to a DMZ, which in turn may connect to the CDE. If employees or other relevant personnel have computers or mobile devices that connect to the organization’s network from outside it, those systems must run personal firewall software.
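A practical way to check the first of those controls is to audit the firewall ruleset for any permit rule whose source includes public address space and whose destination overlaps the CDE. The script below is an added example written for this page, not tooling from PCI DSS or from any vendor; the CDE range 10.20.0.0/24, the rule tuple format and the sample rules are all constructed assumptions.

```python
"""Audit a firewall ruleset for direct public access to the cardholder
data environment (CDE).

Everything here is constructed for illustration: the CDE range, the rule
format (action, source CIDR, destination CIDR, destination port) and the
sample rules are assumptions, not a real deployment.
"""
import ipaddress
from typing import List, Tuple

# Assumed CDE segment; replace with the real in-scope networks.
CDE_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]

# Address space that can never be a public internet source.
NON_PUBLIC = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),
]

Rule = Tuple[str, str, str, str]

# Constructed sample ruleset, first match wins, evaluated top to bottom.
SAMPLE_RULES: List[Rule] = [
    ("allow", "10.10.0.0/24", "10.20.0.0/24", "443"),    # DMZ web tier -> CDE API
    ("allow", "any", "10.10.0.0/24", "443"),             # internet -> DMZ only
    ("allow", "any", "10.20.0.15/32", "3389"),           # internet -> CDE host: violation
    ("allow", "203.0.113.0/24", "10.20.0.0/24", "any"),  # partner range -> CDE: violation
    ("deny", "any", "any", "any"),                       # explicit default deny
]


def parse_cidr(text: str) -> ipaddress.IPv4Network:
    """Translate the vendor-neutral 'any' keyword into 0.0.0.0/0."""
    return ipaddress.ip_network("0.0.0.0/0" if text == "any" else text, strict=False)


def contains_public_addresses(net: ipaddress.IPv4Network) -> bool:
    """True unless the whole network sits inside a single non-public range.

    A wide prefix such as 10.0.0.0/7 is not a subnet of any private range,
    so it is correctly treated as containing public addresses.
    """
    return not any(net.subnet_of(private) for private in NON_PUBLIC)


def touches_cde(net: ipaddress.IPv4Network) -> bool:
    """True if any address in the destination range belongs to the CDE."""
    return any(net.overlaps(cde) for cde in CDE_NETWORKS)


def audit_rules(rules: List[Rule]) -> List[Tuple[int, Rule]]:
    """Return (index, rule) for every allow rule exposing the CDE to public sources."""
    findings = []
    for index, rule in enumerate(rules):
        action, src, dst, _port = rule
        if action != "allow":
            continue
        if contains_public_addresses(parse_cidr(src)) and touches_cde(parse_cidr(dst)):
            findings.append((index, rule))
    return findings


def has_default_deny(rules: List[Rule]) -> bool:
    """Check that traffic not explicitly permitted is denied by the last rule."""
    if not rules:
        return False
    action, src, dst, _port = rules[-1]
    return (action == "deny"
            and parse_cidr(src).prefixlen == 0
            and parse_cidr(dst).prefixlen == 0)


if __name__ == "__main__":
    for index, (_, src, dst, port) in audit_rules(SAMPLE_RULES):
        print(f"rule {index}: public source {src} may reach CDE {dst} on port {port}")
    print("default deny present:", has_default_deny(SAMPLE_RULES))
```

The audit deliberately flags any non-RFC 1918 source, so a partner or vendor range reaching the CDE directly is reported as well; that traffic should terminate in the DMZ like any other inbound connection. The script only reads a rule list, so the same logic can be pointed at an export from whatever firewall is actually in use.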

Security & Privacy Governance Program

Mechanisms exist to facilitate the implementation of cybersecurity and privacy governance controls.

Data Governance

Mechanisms exist to facilitate data governance to oversee the organization’s policies, standards and procedures so that sensitive/regulated data is effectively managed and maintained in accordance with applicable statutory, regulatory and contractual obligations.

Mechanisms exist to periodically inspect systems and system components for Indicators of Compromise (IoC).
