Pci Compliance and Detailed Messages

Payment Card Industry (PCI)

Data Security Standard

Requirements and Security Assessment Procedures

Version 2.0

October 2010

Document Changes

Date

October

2008

Version

1.2

Description

Pages

To introduce PCI DSS v1.2 as ―PCI DSS Requirements and Security Assessment Procedures,‖ eliminating

redundancy between documents, and make both general and specific changes from PCI DSS Security

Audit Procedures v1.1. For complete information, see PCI Data Security Standard Summary of Changes

from PCI DSS Version 1.1 to 1.2.

Add sentence that was incorrectly deleted between PCI DSS v1.1 and v1.2.

Correct ―then‖ to ―than‖ in testing procedures 6.3.7.a and 6.3.7.b.

July

2009

October

2010

2.0

32

Remove grayed-out marking for ―in place‖ and ―not in place‖ columns in testing procedure 6.5.b.

33

For Compensating Controls Worksheet – Completed Example, correct wording at top of page to say ―Use

this worksheet to define compensating controls for any requirement noted as ‗in place‘ via compensating

controls.‖

1.2.1

5

64

Update and implement changes from v1.2.1. For details, please see ― PCI DSS - Summary of Changes from

PCI DSS Version 1.2.1 to 2.0.‖

PCI DSS Requirements and Security Assessment Procedures, Version 2.0

Copyright 2010 PCI Security Standards Council LLC

October 2010

Page 2

Table of Contents

Document Changes ........................................................................................................................................................................... 2

Introduction and PCI Data Security Standard Overview ................................................................................................................. 5

PCI DSS Applicability Information .................................................................................................................................................... 7

Relationship between PCI DSS and...