Definition

PCI assessment

A PCI assessment is an audit for validating compliance with the Payment Card Industry Data Security Standard (PCI DSS). During the assessment, a PCI Qualified Security Assessor (QSA) determines whether the business has met the PCI DSS 12 requirements, either directly or through a compensating control.

All major credit card companies require their merchants and service providers who store, process or transmit cardholder data to comply with PCI DSS. Those who process over 6 million Visa transactions a year (and are therefore Level 1 merchants) must undergo a PCI assessment performed by a QSA. The QSA completes a Report on Compliance (ROC) that verifies the business' PCI DSS compliance. The ROC is sent to the business' acquiring bank, which then sends it to the appropriate credit card company for verification.

Contributor(s): Maggie Sullivan
This was last updated in April 2012
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: