If you’re not already managing your scope for PCI DSS v3.2.1, you’ll be in for a rude awakening with the requirements in PCI DSS v4.0 that need to be in place by March 31, 2024.
The founders of Payment Card Assessments know all to well what it’s like to receive a scan report with over 2,000 configuration failures, a standards team that didn’t communicate changes to the scanning team, and an implementation team that had no idea what they were supposed to do to an in-scope asset before it went into production.
The Five Biggest Mistakes Level 1 Merchants Make When It Comes to Achieving Their Mandatory Report on Compliance.
Let’s be real for a second – the report on compliance is mandatory for all level 1 merchants and any merchant regardless of level that is required to provide a report on compliance by either their acquirer or card brand. Most level 1 merchants fall out of compliance shortly after the ink is dry on their most recent report. Why? Because they don’t have a sustainability program. The RoC is treated like a bad surprise every year and that creates wasted effort, lost money, and burned out staff.