Submitted by: Submitted by ssranjan
Views: 351
Words: 24305
Pages: 98
Category: Business and Industry
Date Submitted: 10/20/2012 08:00 AM
Payment Card Industry (PCI)
Data Security Standard
Requirements and Security Assessment Procedures
Version 2.0
October 2010
Document Changes
Date
October
2008
Version
1.2
Description
Pages
To introduce PCI DSS v1.2 as ―PCI DSS Requirements and Security Assessment Procedures,‖ eliminating
redundancy between documents, and make both general and specific changes from PCI DSS Security
Audit Procedures v1.1. For complete information, see PCI Data Security Standard Summary of Changes
from PCI DSS Version 1.1 to 1.2.
Add sentence that was incorrectly deleted between PCI DSS v1.1 and v1.2.
Correct ―then‖ to ―than‖ in testing procedures 6.3.7.a and 6.3.7.b.
July
2009
October
2010
2.0
32
Remove grayed-out marking for ―in place‖ and ―not in place‖ columns in testing procedure 6.5.b.
33
For Compensating Controls Worksheet – Completed Example, correct wording at top of page to say ―Use
this worksheet to define compensating controls for any requirement noted as ‗in place‘ via compensating
controls.‖
1.2.1
5
64
Update and implement changes from v1.2.1. For details, please see ― PCI DSS - Summary of Changes from
PCI DSS Version 1.2.1 to 2.0.‖
PCI DSS Requirements and Security Assessment Procedures, Version 2.0
Copyright 2010 PCI Security Standards Council LLC
October 2010
Page 2
Table of Contents
Document Changes ........................................................................................................................................................................... 2
Introduction and PCI Data Security Standard Overview ................................................................................................................. 5
PCI DSS Applicability Information .................................................................................................................................................... 7
Relationship between PCI DSS and...