The PCI-DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI Standard affects all organisations that process, transmit, or store cardholder data in any way, shape or form (electronically, physically, outsourced).
Organisations handling large transaction volumes must have their compliance assessed by an independent assessor known as a Qualified Security Assessor (QSA), while companies handling smaller volumes have the option of demonstrating compliance via a Self-Assessment Questionnaire
Governance Manager’s PCI-DSS assessment assists organisations to undertake a thorough ‘health-check’ of their card handling environment against all elements of the self-assessment questionnaire. For large organisations or those handling large transaction volumes, this activity may be taken in preparation for a QSA audit.