First-time compliance assessments
For Merchants that are performing a PCI DSS assessment for the first time, the PCI Council has a number of tools and resources to provide guidance and assistance.
PCI Prioritized Approach Tool
The PCI Prioritized Approach Tool provides six security milestones that will help you incrementally protect against the highest risk factors and escalating threats while on the road to PCI DSS compliance. It offers you:
- A roadmap to address its risks in priority order
- A pragmatic approach that allows for “quick wins”
- Support for financial and operational planning
- Promotion of objective and measurable progress indicators
- Help in promoting consistency among Qualified Security Assessors
You may find the PCI Prioritized Approach Tool in the PCI SSC Document Library
PCI SSC Small Merchants Resources
- Learn more about Why Security Matters
- Access the PCI SSC Small Merchant website
There are small merchant resources available to help educate you on the relevance and importance of PCI compliance and they serve as a first step toward familiarization and compliance with the PCI DSS:
Additional PCI SSC resources
Whether this is your first or fifth time complying with PCI DSS standards, to help an organization work toward compliance, you have access to a number of tools and resources on the PCI SSC website
- Approved security companies, services and products
- PCI DSS requirements and Security Assessment Procedures
- Self-Assessment Questionnaire
- Navigating the PCI DSS
- PCI DSS Quick Reference Guide
The PCI SSC also offers a variety of information supplements and guidance documents in its Document Library.
- Skimming Prevention: Best Practices for Merchants
- Code Reviews and Application Firewalls Clarified
- Application Reviews and Web Application Firewalls Clarified
- Penetration Testing
- Wireless Network Guidelines
- Initial Roadmap Point-to-Point Encryption Technology and PCI DSS Compliance
You can download these tools in the PCI SSC Document Library