PCI DSS Compliance

Summary

This practice note addresses compliance with IT and outsourcing contracts under the Payment Card Industry Security Standards Council ("the PCI SSC") pursuant to the Payment Card Industry Data Security Standard Requirements and Security Assessment Procedures ("the PCI DSS"). This Practice Note sets out the requirements of the PCI DSS and highlights the changes that were introduced by Version 3.2. Version 3.2 has since been replaced by version 4.0. For guidance on Version 4.0, see PCI DSS v4.0 Compliance.