Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. In today's episode, I'm excited to announce that the Council will open the nomination period for the next Global Executive Assessor Roundtable on June 1st. This roundtable, or GEAR as it's known, represents the perspectives of the PCI assessor community. Joining me to discuss what all of this means and how you can participate is the Council's own Chelsea Lopez, Client Engagement Operations Director. Welcome, Chelsea!
Chelsea Lopez: Thank you for the warm introduction, Alicia. I'm excited for the opportunity to discuss GEAR and for the upcoming nomination period.
Alicia Malone: Okay, Chelsea, so let's start by describing what the Global Executive Assessor Roundtable, or GEAR, is. What is its purpose?
Chelsea Lopez: The PCI SSC established the Global Executive Assessor Roundtable in 2018 to encourage the exchange of information and increase payment security through greater coordination with this key stakeholder group, our assessor community. The PCI SSC Global Executive Assessor Roundtable serves as a direct channel for communication between senior leadership of the payment security assessor organizations and PCI SSC. GEAR representatives are responsible for providing advice, feedback, and guidance to PCI SSC about issues that impact assessors, and helping identify resolutions to those issues.
In addition, this roundtable provides the opportunity to hear from executives at those assessor companies regarding enhancements for PCI assessor capabilities and skills that broaden service and value to the merchants and processors. The PCI SSC Global Executive Assessor Roundtable represents the views and interests of the PCI assessors, and the assessed entities.
Alicia Malone: So, what topics or issues in payment security have been the focus this term for the current roundtable? Are there any specific accomplishments that you'd like to highlight?
Chelsea Lopez: The last two years, the GEAR has been very active with a number of different initiatives. What I'd like to do is highlight a few of those. They have helped us at the Council with topics around penetration testing and the use of AI for assessments, vulnerability management and best practices, new technology in use that organizations are using to meet the PCI requirements, as well as modern payment methods around the world.
I would like to say that GEAR, this last term, was instrumental in supporting the development of guidance material for the payments industry including authentication guidance and the use of AI in assessments, as well as new and updated FAQs that have been published through our website.
Alicia Malone: Wow, it sounds like this roundtable has been very active and very busy. What are some of the advantages of serving on GEAR? Why should our assessor community get involved?
Chelsea Lopez: You know, the assessors really are a direct line with the payments industry and helping us understand what is happening. They have the opportunity to provide expert insights directly to the Council. They provide input on strategic decisions and supporting materials that we do publish from a global perspective. Our GEAR members support the advancement of assessor activities around the world and they are not just representing their direct firm, but they are bringing perspectives from the broader assessor community, as well as our assessed entities.
Alicia Malone: So, who's eligible to serve on this roundtable? Is it open to any assessor in the payment security industry?
Chelsea Lopez: That's an excellent question. And this is actually really exciting for us to be able to talk through. Eligible companies are any PCI SSC assessor company that has been active as an assessor company for at least seven years, who are actively participating in at least three assessor programs and are conducting business in at least three assessor regions.
Alicia Malone: Great. That's very helpful information. So, in order to serve on GEAR, you must first nominate your organization for selection. Walk us through this process and the timeline beginning with the nomination period.
Chelsea Lopez: The nomination period will open on June 1st and remain open through June 22nd, 2026. So that gives assessor organizations about three weeks to go ahead and nominate. The nomination is done by eligible companies that meet our eligibility requirements, and they're allowed to nominate their own organization during that period through the PCI Portal.
GEAR is open to a maximum of 35 assessor organizations. If more than 35 nominations are received, we will do an automated lottery for seat selection. Once the 2026 through 2028 GEAR is selected, the first meeting of the term will be held in coordination with the North American Community Meeting in Vancouver, Canada in September 2026. All of this information and more FAQs are available on our website, specifically on the GEAR landing page. So, assessor companies should be able to find any information they are looking for.
Alicia Malone: So, Chelsea, what are some focus areas of the newly seated GEAR? What will they focus on in the next term?
Chelsea Lopez: Artificial intelligence related to the impact and consideration of PCI SSC standards and the impact to the industry overall. We also have other initiatives that we're looking at: service provider management as well as PCI DSS validation support. As we look to evolve PCI DSS, we do have an RFC opening on June 3rd, 2026. GEAR will be instrumental in making sure validation methods remain fit for purpose and can support consistent application across the industry.
Alicia Malone: Well, it sounds like there are some great initiatives ahead for GEAR and it sounds like it's going to be a very important roundtable for PCI SSC this year. Is there anything else you'd like to add about GEAR?
Chelsea Lopez: I really think GEAR is a great way for assessor companies to partner with PCI SSC. It provides an opportunity to serve as an important voice within the industry and as a trusted partner in payments. We do look to our GEAR members for insights that can help the assessor community and share their voice and help shape the future of the assessment work that the community does. And we're looking for thoughts about new technology or new ways to support payment security.
Alicia Malone: That sounds great. Well, thank you for joining us on Coffee with the Council today, Chelsea. I'm sure many of our assessor companies are excited about this opportunity to be more involved with the Council and to, of course, share their knowledge and expertise.