This website uses cookies. View our cookie policy
Select regional store:

PCI DSS resources

Download a range of different resources, such as guides, datasheets, infographics and green papers, providing technical guidance to help support your PCI DSS compliance program.


Protect profits by managing payment card risk

The Payment Card Industry Data Security Standard (PCI DSS) applies to all organizations that transmit, process or store payment card data. Although the Standard is technically complex to implement, it is based on common information security practices.

Find out how IT Governance’s approach uses the PCI DSS as a set of information security controls that can be effectively integrated within a broader cybersecurity framework to further reduce risk.


The PCI DSS: Challenge or opportunity?

This executive briefing outlines the 12 requirements of the PCI DSS relating to the storage, transmission and processing of cardholder data. We outline the five major PCI DSS challenges faced by merchants, and based on our experience, we offer recommendations to help achieve and maintain PCI DSS compliance more effectively.

Get started with the basics of the PCI DSS by downloading this executive briefing.


The PCI DSS Self-Assessment Questionnaire (SAQ)

The PCI DSS self-assessment questionnaire (SAQ) is a validation tool for qualifying merchants and service providers that are neither required to undergo an on-site data security assessment nor submit a Report on Compliance (RoC). The purpose of the SAQ is to assist organizations in self-evaluating compliance with the PCI DSS.

This page can help you identify which SAQ you need to complete, and whether a vulnerability assessment mechanism is required.


PCI Audit Success in Nine Essential Steps

Achieving and maintaining compliance with the PCI DSS can be a daunting process. This green paper will help organizations to effectively prepare for a PCI audit and ensure a successful audit outcome.


PCI DSS: Reducing the cardholder data environment

When implementing the PCI DSS, it is important to define the areas of your organisation to which the Standard will apply. Reducing the cardholder data environment (CDE) can reduce the cost of implementation, but doing so can be a complex and challenging task.

This green paper will help organizations that are required to comply with the PCI DSS to reduce their CDE in order to minimize compliance costs and resources.

The PCI DSS and its SAQs

This paper has been developed to provide readers with the practical knowledge required to identify the right Self-Assessment Questionnaire, allowing you to achieve full compliance with the PCI DSS.


PCI DSS and Penetration Testing

Requirement 11 of the PCI DSS covers the need to regularly and frequently carry out tests to identify unaddressed security issues and scan for rogue wireless networks. Regular testing is fundamental to making sure an organization is prepared for the full range of attacks that companies might have to face.

Find out which penetration test you need to identify unaddressed security issues and scan for rogue wireless networks.

Encryption for PCI DSS v3.2

This green paper is aimed at those implementing PCI DSS v3.2 and those conducting audits to make sure an organization is compliant. It provides some background about the issues, and explains how encryption is incorporated into the Standard and how it can be audited.

Appletree Communications Ltd: Moving beyond PCI DSS compliance

Having grown its subscription volumes beyond the transaction level required for a PCI SAQ, Appletree Communications Ltd was keen to progress to the highest level of PCI compliance as a service provider.

Find out how IT Governance helped use the opportunity to boost its credentials while extending the payment gateway and payment processing arm of the business.

Speak to an expert

Please contact us for further information or to speak to an expert.