Payment Card Industry Data Security Standard
The information security standard for organizations that handle branded credit cards. PCI-DSS v4.0 introduces 64 new requirements with a focus on continuous security.
PCI-DSS v4.0 contains 12 principal requirements organized into 6 goals. The standard applies to any entity that stores, processes, or transmits cardholder data and emphasizes a customized approach to security.
Install and maintain network security controls, and apply secure configurations to all system components.
Protect stored account data with encryption, mask PAN when displayed, and protect cardholder data in transit.
Protect systems against malware, and develop and maintain secure systems and software.
Restrict access by business need, identify users, restrict physical access, and log and monitor all access.
Automatically identify systems in your CDE and validate that segmentation controls are properly documented.
Track all 12 PCI-DSS requirements with real-time compliance scoring and evidence freshness monitoring.
Generate Self-Assessment Questionnaires automatically from your documented controls and evidence.
Upload your policies, connect your systems, and let iQ Pulse map your controls to PCI-DSS requirements automatically. Audit-ready in weeks, not months.