Date
September 21, 2022
Presenters
Sean D. Goodwin, CISA, QSA, PCIP, CISSP, CCSP, GSEC, GCIH, GCIA, GCWN, GCCC, GCUX, GCPM, GDAT, GSE
Description
On March 31, 2022, PCI DSS v4.0 was released. With this release came major changes to the control requirements, testing documentation, and terminology. While the current standard, v3.2.1, can be used until March 31, 2024, it is still important to start considering these changes and how they may affect your organization’s processes and control design. Any reports dated after this time must be on v4.0. In this webinar, we will provide guidance on some of the major requirement changes, such as the 50+ evolving requirements (new requirements) and what the customized approach requirements entail.
Key Takeaways:
Understand what is new about DSS v4
- Requirements
- Updates to documents
- Customized Approach
- Targeted Risk Analysis
Understand the adoption timeline to move to v4
- v4 requirements that must be in place to be “Compliant”
- Future dated requirements
Different test results/report definitions in v4
- “Partial” Assessments (previously would fall in the non-compliant bucket)
- In-Place w/Remediation