Introduction to PCI DSS Requirement 1

by KirkpatrickPrice / April 12, 2023

This exclusive video series, PCI Demystified, was developed to assist your organization in understanding what the Payment Card Industry Data Security Standard (PCI DSS) is, who it applies to, what the specific requirements are, and what your organization needs to do to become compliant. In this episode, Jeff Wilder walks us through PCI Requirement 1. The Payment Card Industry Data Security Standard (PCI DSS) was jointly developed by the payment card…

How Do I Become Compliant with PCI?

by Sarah Harvey / April 12, 2023

Becoming PCI Compliant for the first time can be an overwhelming undertaking if you are unsure of where to start. With approximately 394 controls, this comprehensive data security standard can be a large undertaking that is best tackled with expert assistance. The first step towards achieving PCI compliance is to have a Gap Analysis performed by a PCI expert. Working with a PCI expert will help you to understand all…

What is PCI and DSS Compliance?

by Sarah Harvey / April 12, 2023

What is PCI and DSS Compliance? This is a question KirkpatrickPrice, as a PCI QSA, is frequently asked. Let’s start with what it stands for. PCI stands for the Payment Card Industry. When we talk about compliance, we’re talking about the PCI DSS, or Payment Card Industry Data Security Standard. The PCI DSS originated from efforts by major credit card brands (Visa, MasterCard, American Express, Discover, and JCB) to encourage…

Ask the Auditor: PCI Requirements 5 and 6

by Sarah Harvey / June 13, 2023

As a PCI Qualified Security Assessor (QSA), we receive a lot of questions and concerns from clients who are just stepping into their first PCI assessment, particularly around PCI Requirements 5 and 6: maintaining a vulnerability management program. We recently sat down with one of our own QSAs, Steve McEnroe, QSA, CISA, to answer some of the major questions we commonly hear. Here are the highlights from the interview:…

Ask the Auditor: PCI DSS Requirements 3 & 4

by Sarah Harvey / June 13, 2023

We had another chance to interview one of our Information Security Auditors, Tim Cunningham, on some frequently asked questions about PCI DSS Requirements 3 and 4. Here are the highlights from the interview: Q: When we consider the concept of protecting stored cardholder data, what is the first thing to consider when planning compliance with Requirement 3? An organization’s approach to PCI Compliance should be a top-down, management-driven approach.…