Understand the policies and security controls you need to protect credit card transactions and avoid data breaches. The operations dashboard lets you track and manage the full PCI DSS compliance lifecycle.
Streamline self-assessment questionnaires (SAQ) and vulnerability scans with automation using our intelligent and interactive PCI compliance checklist manager so you can accelerate compliance and minimize cost.
Once you’ve tracked evidence collection and completed all controls, you can share evidence, track the project, and collaborate with an auditor directly within the platform. Use your own auditor or lean on one of our auditor partners.
Collect once, comply many: Scale your resources and optimize compliance
Create efficiencies and increase visibility by scoping, monitoring, and communicating your compliance posture.
Explore answers to frequently asked PCI DSS questions.
The Payment Card Industry Data Security Standard (“PCI DSS”) is a Payment Card Security Standard (“PCI”) published by the PCI Security Standards Council (“PCI SSC”), an independent body created by the major credit card brands (Visa, MasterCard, American Express, Discover, and JCB International). It provides security requirements for the entire card industry, from card reader manufacturing to e-commerce.
The PCI DSS applies to any service provider that stores, processes, or transmits cardholder data, regardless of the size or number of transactions. Companies can validate their compliance through qualified security assessors (“QSA”).
These are the six major PCI DSS compliance goals:
Build and maintain a secure network and system
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
In addition, these are divided into 12 sub-requirements, such as maintaining a firewall, restricting access to sensitive data, and encrypting data transmission.
Our GRC and Security Assurance Cloud streamlines the compliance lifecycle by operationalizing the PCI requirements. Leverage pre-built PCI DSS compliant policies and controls, collaborate with your auditors, and track your compliance journey in a single operational dashboard.
Ready to get started?
Request a free demo today to see how OneTrust can guide your trust transformation journey.