PCI Compliance

Tools to Assist with PCI Assessments

First-Time Compliance Assessments

For merchants that are performing a PCI DSS assessment for the first time, the PCI Council has a number of tools and resources to provide guidance and assistance.

PCI Prioritized Approach Tool

The PCI Prioritized Approach Tool provides six security milestones that will help you incrementally protect against the highest risk factors and escalating threats while on the road to PCI DSS compliance. It offers you:

  • A roadmap to address its risks in priority order
  • A pragmatic approach that allows for “quick wins”
  • Support for financial and operational planning
  • Promotion of objective and measurable progress indicators
  • Help in promoting consistency among Qualified Security Assessors

You may find the PCI Prioritized Approach Tool in the PCI SSC Document Library

PCI SSC Small Merchants Website

The Small Merchants website is there to educate you on the relevance and importance of PCI compliance, serves as a first step toward familiarization and compliance with the PCI DSS, and answers the following critical questions:

Why Secure?

What to Secure?

How to Secure?

Access the PCI SSC Small Merchant Website

Additional PCI SSC Resources

Whether this is your first or fifth time complying with PCI DSS standards, to help an organization work toward compliance, you have access to a number of tools and resources on the PCI SSC website

  • Approved security companies, services, and products
  • PCI DSS requirements and Security Assessment Procedures
  • Self-Assessment Questionnaire
  • Navigating the PCI DSS
  • PCI DSS Quick Reference Guide

The PCI SSC also offers a variety of information supplements and guidance documents in its Document Library.

  • Skimming Prevention: Best Practices for Merchants
  • Code Reviews and Application Firewalls Clarified
  • Application Reviews and Web Application Firewalls Clarified
  • Penetration Testing
  • Wireless Network Guidelines
  • Initial Roadmap Point-to-Point Encryption Technology and PCI DSS Compliance

You can download these tools in the PCI SSC Document Library

Back to compliance resources

Contact Our Data Security Team

To report a data compromise or cardholder breach, call 1-800-347-3083. Or contact us for any compliance-related questions.
Contact Us