GLOBAL · Framework
PCI DSS — Payment Card Industry Data Security Standard
What it is
PCI DSS is a global baseline of technical and operational requirements designed to protect payment account data wherever it is handled.
Global payments · PCI DSS v4.0.1 current
Who it binds
Any merchant or service provider that stores, processes or transmits cardholder data.
Key obligations
- Twelve requirements across network and data protection
- Vulnerability management and strong access control
- Continuous monitoring and testing
- An information-security policy and annual validation
How CCI addresses it
CySSURANCE maps the twelve PCI DSS requirements to your estate; EviGen automates evidence for the QSA assessment.
Official source
PCI DSS v4.0.1, PCI Security Standards Council
https://www.pcisecuritystandards.org/document_library/
The linked text is the authoritative legal or standards source. CCI maps to it; it is not a CCI publication.