Limited Revision Planned for PCI DSS v4.0

5 months ago AndyC

To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, PCI SSC is planning a limited revision of the standard.

Limited Revision Planned for PCI DSS v4.0

To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, PCI SSC is planning a limited revision of the standard. Proposed changes include correcting format and typographical errors and clarifying the focus and intent of some of the requirements and guidance. There will not be any new or additional requirements in this revision.  

To support this limited revision, the PCI Board of Advisors, Global Executive Assessor Roundtable, and Principal Participating Organizations (through the Technology Guidance Group) are invited to review and provide feedback on the proposed changes during a Request for Comments (RFC) period. The RFC will be open for six weeks, from 13 December 2023 to 24 January 2024. 

Feedback from this RFC will help ensure that the proposed changes, clarifications, and additional guidance effectively support industry adoption of PCI DSS v4.0. Publication of the resulting revision is expected for the first half of 2024. 

RFC feedback plays a critical role in the ongoing maintenance and development of PCI standards and resources for the payment industry. 

To learn more about PCI SSC’s Principal Participating Organizations, Board of Advisors, and Global Executive Assessor Roundtable, visit the “Get Involved” page.  

 Access the PCI SSC Portal and Provide Comments

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , ,

More Stories

Protecting Model Updates in Privacy-Preserving Federated Learning: Part Two

2 days ago AndyC

Take A Tour! NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide

3 days ago AndyC
Coffee with the Council Podcast: Help Shape the Future of Payment Security as a PCI SSC Participating Organization

Coffee with the Council Podcast: Help Shape the Future of Payment Security as a PCI SSC Participating Organization

5 days ago AndyC
Resource Guide: Earn Continuing Professional Education Credits Through the Council

Resource Guide: Earn Continuing Professional Education Credits Through the Council

1 week ago AndyC

Giving NIST Digital Identity Guidelines a Boost: Supplement for Incorporating Syncable Authenticators

2 weeks ago AndyC
PCI DSS v4: What’s New with Self-Assessment Questionnaires

PCI DSS v4: What’s New with Self-Assessment Questionnaires

1 month ago AndyC

You may have missed

LockBit published data stolen from Simone Veil hospital in Cannes

LockBit published data stolen from Simone Veil hospital in Cannes

8 hours ago AndyC

Friday Squid Blogging: Squid Purses

8 hours ago AndyC
Monash Health data caught up in attack on records digitisation provider

Monash Health data caught up in attack on records digitisation provider

14 hours ago AndyC
Russia-linked APT28 and crooks are still using the Moobot botnet

Russia-linked APT28 and crooks are still using the Moobot botnet

14 hours ago AndyC

My TED Talks – Schneier on Security

14 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.