Understanding the compliance status

The path to compliance

The table illustrates the five steps towards complying fully with PCI DSS and what's involved in reaching them.

Merchant Status: Details
Compliant
  • Internal audit completed and passed (Level 1)
  • Successfully completed SAQ (Level 2-3-4)
  • Passing quarterly network scans
In progress
  • Has QSA or agreed Independent Assessment
  • Completed gap analysis
  • Action plan and remediation plan in place
  • Indication of final audit date
  • Passing quarterly network scans (using an ASV)
Committed
  • Has QSA or agreed Independent Assessment
  • Gap analysis complete and preparing remediation plan/seeking budget
  • Performing network scans (ASV)
Preparing
  • Contacted by acquirer
  • Gap analysis in progress
Non-compliant
  • Unable to make contact
  • Merchant unwilling/unable to progress
