The Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive set of security requirements designed to protect payment card data wherever it is stored, processed, or transmitted. It establishes a baseline of technical and operational controls to safeguard sensitive cardholder information from theft and fraud. The standard includes 12 key requirements grouped into six goals, such as building and maintaining secure networks, protecting stored and transmitted cardholder data through encryption, maintaining vulnerability management programs, implementing strong access controls, regularly monitoring and testing networks, and maintaining an information security policy. Compliance with PCI DSS is mandatory for all organizations handling credit card data and helps reduce the risk of data breaches and fraud, with penalties for non-compliance including fines and loss of card processing privileges
Home / Function (NIST CSF 2.0) / GV - Govern / OC - Org. Context
PCI Data Security Standard (PCI DSS)
This document focuses on:Finance