What Is a PCI ROC? 4 Reasons Why You Need One
Why organizations should consider having a PCI Report on Compliance completed, even if the acquiring bank is not requiring one.The Report On Compliance is mostly referred to as “ROC”. We often see our customers struggle to understand the differences between the PCI...
Requirement 12 of PCI DSS explained
This blog is part of a blog series on the 12 requirements of PCI DSS. We discuss the common challenges and explain what kind of evidence is needed to comply with the requirement. Here we discuss: Requirement 12: Maintain a policy that addresses information security...
Requirement 11 of PCI DSS explained
This blog is part of a blog series on the 12 requirements of PCI DSS. We discuss the common challenges and explain what kind of evidence is needed to comply with the requirement. Here we discuss: Requirement 11: Regularly test security systems and processes The system...
Why should you bother to comply to PCI DSS?
Achieving PCI Compliance can be challenging. However, maintaining compliance with the latest version of the PCI Data Security Standards can be even more difficult. As part of the PCI Compliance process, there are many different things that an organization must do...
The PCI-SAQ: which one do I need?
The Self-Assessment Questionnaires (SAQs) are validation tools designed to help merchants and service providers report on the results of their compliance with PCI DSS. It must be completed as evidence of their completion of the PCI DSS self-assessment. These SAQs need...
Requirement 10 of PCI DSS explained
This blog is part of a blog series on the 12 requirements of PCI DSS. We discuss the common challenges and explain what kind of evidence is needed to comply with the requirement. Here we discuss: Requirement 10: Track and monitor all access to network resources and...