SAQ

6 Results / Page 1 of 1

today

  • 89
  • 184
close

PCI DSS 3.2.1 PCI

Is an assessor required to visit work-from-home environments to determine if personnel are meeting PCI DSS requirements?

PCI SSC does not require QSAs or ISAs to visit personnel private residences for any purpose, including the review of work-from-home (WFH) environments to validate PCI DSS requirements. Entities should have policies and procedures implemented to provide assurance that applicable PCI DSS controls are in place for WFH personnel and ...

today

  • 84
  • 96
close

PCI DSS 3.2.1 PCI

For personnel working from home, is their environment considered a “sensitive area” for PCI DSS?

An individual’s private work-from-home (WFH) environment is not considered a “sensitive area,” and personnel working from home are not required to meet PCI DSS Requirements 9.1.1 or 9.3 for their WFH environments. “Personnel working from home” Refers to individuals that are employed by an entity to perform business duties from ...

today

  • 109
  • 105
close

PCI DSS 3.2.1 PCI

Is it easier to comply with PCI-DSS while using Cloud services ?

The distributed architectures of cloud environments add layers of technology and complexity that challenge traditional assessment methods. As a result, it may be particularly challenging to validate PCI DSS compliance in a distributed, dynamic infrastructure such as a public or multi-tenant environment. Examples of compliance challenges include but are not ...