Rose Addison, Manager of Documentation & Training
Dec 01, 2016
PCI DSS stands for the Payment Card Industry Data Security Standard. It is a set of requirements designed to safeguard and preserve a secure environment that limits credit card exposure. It is pertinent to all companies that store, process, and transmit cardholder data.1
PCI DSS was founded in 2006 by major credit card brands and is administered by the PCI Security Standards Council (PCI SSC). Organizations that handle credit card transactions in the aforementioned manner must comply with the standard and provide proof of validation annually, based on the volume of transactions handled.2
Compliance is performed by way of either a Self-Assessment Questionnaire (SAQ) or a Report on Compliance (ROC), which is created by an external Qualified Security Assessor (QSA).3 Again, the number of annual credit card transactions determines the method required to obtain and provide proof of compliance.