Skip to main content
midnight shape and orange half circle

Tools to Assist with PCI Assessments

First-time compliance assessments

For Merchants that are performing a PCI DSS assessment for the first time, the PCI Council has a number of tools and resources to provide guidance and assistance.

PCI Prioritized Approach Tool

The PCI Prioritized Approach Tool provides six security milestones that will help you incrementally protect against the highest risk factors and escalating threats while on the road to PCI DSS compliance. It offers you:

  • A roadmap to address its risks in priority order
  • A pragmatic approach that allows for “quick wins”
  • Support for financial and operational planning
  • Promotion of objective and measurable progress indicators
  • Help in promoting consistency among Qualified Security Assessors

You may find the PCI Prioritized Approach Tool in the PCI SSC Document Library

PCI SSC small merchants resources

There are small merchant resources available to help educate you on the relevance and importance of PCI compliance and they serve as a first step toward familiarization and compliance with the PCI DSS:

Learn more about Why Security Matters

Access the PCI SSC Small Merchant website

Additional PCI SSC resources

Whether this is your first or fifth time complying with PCI DSS standards, to help an organization work toward compliance, you have access to a number of tools and resources on the  PCI SSC website

  • Approved security companies, services and products
  • PCI DSS requirements and Security Assessment Procedures
  • Self-Assessment Questionnaire
  • Navigating the PCI DSS
  • PCI DSS Quick Reference Guide

The PCI SSC also offers a variety of information supplements and guidance documents in its Document Library.

  • Skimming Prevention: Best Practices for Merchants
  • Code Reviews and Application Firewalls Clarified
  • Application Reviews and Web Application Firewalls Clarified
  • Penetration Testing
  • Wireless Network Guidelines
  • Initial Roadmap Point-to-Point Encryption Technology and PCI DSS Compliance

You can download these tools in the  PCI SSC Document Library

Contact our Data Security team

To report a data compromise or cardholder breach, call  1-800-347-3083. Or contact us for any compliance-related questions.

Contact us