PCI policy

A PCI policy is a type of security policy that covers how an organization addresses the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS).

A PCI policy is a type of security policy that covers how an organization addresses the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS). A PCI policy is required of all merchants and service providers who store, process or transmit credit card holder data.

In addition to addressing all of the PCI DSS requirements, the PCI policy should include an annual risk assessment and require that the policy itself be reviewed at least annually. PCI DSS also requires the organization to designate responsibility for specific information security functions, such as security incident response and administration of user account changes. Additionally, the policy should also include requirements that apply to all employees and contractors.

This was first published in April 2012

Glossary

'PCI policy' is part of the:

View All Definitions

Dig deeper on Information Security Policies, Procedures and Guidelines

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close