If you don’t have documented and employee acknowledged roles and responsibilities for every role that is part of your PCI scope of assessment, you may need a long roadway to get this in...
Continue ReadingPcidss4 0
Remember the good ole days when Requirement 7 was all about general and privileged user accounts? Well, those days are done as of March 31, 2025!
Continue Reading
Have you ever been off-roading? Full-on four-wheel-drive, low gear, creeping over rocks, or blasting through snowbanks? It’s quite an exhilarating experience. I liken the updates made to...
Continue Reading
The recent release of PCI DSS v4.0 may give the mistaken impression that there is a lot of time for organizations to prepare for any required changes to people, processes, and technologies....
Continue Reading
I’ve recently spent some time reviewing the PCI DSS v4.0’s updates on the Customized Approach and want to go on record as stating that I believe this is one of the most significant changes...
Continue Reading
Malware PCI compliance PCIDSS4.0
The number of assessment testing procedures for anti-malware doubled – it went from 18 to 36, including a major new requirement!
Continue Reading
Risk Assessments PCI Risk Risk Management RSP PCIDSS4.0 PCIDSS PCI Assessment
PCI DSS v4.0 introduces new expectations about what is required when it comes to assessing risk. In contrast to the previous version of the Standard, risk awareness is a core concept that...
Continue Reading
Submit a Comment