SearchSecurity.com Definitions (Powered by WhatIs.com)

PCI assessment

Definition

A PCI assessment is an audit for validating compliance with the Payment Card Industry Data Security Standard (PCI DSS). During the assessment, a PCI Qualified Security Assessor (QSA) determines whether the business has met the 12 PCI DSS requirements, either directly or through a compensating control.

All major credit card companies require their merchants and service providers who store, process or transmit cardholder data to comply with PCI DSS. Those who process over 6 million Visa transactions a year (and are therefore Level 1 merchants) must undergo a PCI assessment performed by a QSA. The QSA completes a Report on Compliance (ROC) that verifies the business' PCI DSS compliance. The ROC is sent to the business' acquiring bank, which then sends it to the appropriate credit card company for verification.


Contributors: Maggie Sullivan

Last updated: 24 Apr 2012


Related glossary terms

Terms from Whatis.com − the technology online dictionary
  • security information and event management (SIEM) (searchSecurity.com): Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization’s information technology (IT) security.
  • PCI QSA (searchSecurity.com): Payment Card Industry Qualified Security Assessor (PCI QSA) is a designation conferred by the PCI Security Standards Council to individuals it deems qualified to perform PCI assessments and consulting services.