PCI DSS 12 Requirements Explained

By Murty Nisthala, CISA, CISSP, CCSP. Reviewed by Girija Togarati, ISO 27001 Lead Auditor.

PCI DSS v4.0 is built on 12 requirements that protect cardholder data. Here is what each group covers.

Table of Contents

The six goals and 12 requirements

The requirements span building a secure network and systems, protecting account data, maintaining a vulnerability management programme, implementing strong access control, monitoring and testing networks, and maintaining an information security policy.

Scope is everything

The requirements apply to your cardholder data environment. Reducing that environment through segmentation reduces the controls you must implement.

Meet them with an expert

Univate maps the 12 requirements to your environment and closes the gaps before validation.

Univate Solutions delivers PCI DSS Certification in India end to end. Book a free consultation and get a fixed quote. Explore cybersecurity services.