Select regional store:

Free PDF download: Reducing the Cardholder Data 
Environment (CDE) – Practical guidance on how to reduce the scope of your PCI DSS implementation 

When implementing the PCI DSS, it is important to define the areas of your organization to which the Standard will apply. Reducing the CDE (cardholder data environment) can reduce the cost of implementation, but doing so can be a complex and challenging task.

Scoping is the first step on the road to gaining or maintaining PCI DSS compliance and effective scope reduction can reduce the time and cost of becoming compliant.

This green paper will help organizations that are required to comply with the PCI DSS to reduce their CDE in order to minimize compliance costs and resources.


  • The importance of determining the system components, people, and processes to be included in the assessment, and why an external auditor will not do it for you
  • How to create an accurate data flow diagram to map the movement of cardholder data
  • What to include when mapping the IT infrastructure and external connections
  • Means of reducing the scope, including tips on data storage, segmentation, and more
This website uses cookies. View our cookie policy