The chatter around the Payment Card Industry is on fire. For well over a year now, PCI DSS version 4.0 and the various changes the updated standard brings have been on everyone's minds. A line we have found ourselves saying to our clients is, "the best time to start preparing for 4.0 was yesterday. The second-best time to start is today!"
As the effective date of PCI DSS v4.0 approaches, we thought it would be helpful to put together a quick reference tool to help our clients prepare themselves for the upcoming changes. We have made this PCI DSS v4.0 New Requirements Quick Reference Guide available for free here.
We believe that every organization can benefit from performing its own internal assessment of these new requirements in advance of its first 4.0 assessment. Doing so will help organizations identify where upcoming compliance gaps may exist while there is still enough time left to remediate them. To get the most out of this effort, we recommend that organizations approach their internal testing the way a QSA would. To assist with this, we have included in the quick reference guide the high-level pieces of evidence likely to be requested by a QSA when testing each new requirement.
Nobody likes surprises when it comes to compliance! By aligning how your organization identifies upcoming compliance gaps with how your QSA will likely test for them, your organization may be able to reduce the chance of any unwelcome surprises cropping up in its initial 4.0 assessment.
We truly hope this guide is helpful. If you or your organization have any additional questions or concerns, we would love to help! Please reach out to 503-697-4118 and ask for Spencer, David, or Debra, or reach out on our website.