PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect account data. The next evolution of the standard- PCI DSS v4.0- is now available.
This PCI DSS Resource Hub provides links to both standard documents and educational resources to help organizations become familiar with PCI DSS v4.0. Make sure to subscribe to the PCI Perspectives Blog to stay up to date on all news from PCI SSC.
PCI DSS v4.0 Documents
The following documents can be found in the PCI SSC Document Library.
- ASV Resource Guide
- PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures
- PCI DSS v4.0 At a Glance (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.0 Extra Compensating Controls Worksheet
- PCI DSS v4.0: Prioritized Approach (Available in the following languages: English, German, Portuguese, Chinese, French, and Spanish)
- PCI DSS v4.0 Quick Reference Guide (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.0 (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.0 Report on Compliance (ROC) Template
- PCI DSS v4.0 ROC Attestations of Compliance (AOC) (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.0 ROC Frequently Asked Questions
- PCI DSS v4.0 Self-Assessment Questionnaires (SAQs) (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.0.1 Report on Compliance Template
- PCI DSS v4.x: Targeted Risk Analysis Guidance (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.x Sample Templates to Support Customized Approach (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- PCI DSS v4.x Sample Template: TRA for Activity Frequency (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- SAQ for Software-based PIN Entry on COTS (SAQ SPoC) (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- Self-Assessment Questionnaire (SAQ) Instructions and Guidelines (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
- Summary of Changes from PCI DSS v3.2.1 to v4.0 (Available in the following languages: English, German, Portuguese, Chinese, Japanese, French, and Spanish)
PCI DSS v4.0: Additional Resources
- Blog: New Guidance Coming for E-commerce Security Requirements in PCI DSS v4.x
- Blog: New Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures
- Blog: PCI SSC Releases ROC Template for PCI DSS v4.0.1
- Blog: Now is the Time for Organizations to Adopt the Future-Dated Requirements of PCI DSS v4.x
- Blog: Resource Guide: Vulnerability Scans and Approved Scanning Vendors
- Blog: Just Published: PCI DSS v4.0.1
- Blog: PCI DSS v4: What’s New with Self-Assessment Questionnaires
- Blog: Items Noted for Improvement (INFI) Worksheet Discontinued
- Blog: PCI DSS v3.2.1 is Retiring on 31 March 2024 – Are You Ready?
- Blog: Limited Revision Planned for PCI DSS v4.0
- Blog: Just Published: PCI DSS v4.x Targeted Risk Analysis Guidance
- Blog: Eight Steps to Take Toward PCI DSS v4.0
- Blog: Watch Questions with the Council: What to Know About PCI DSS v4.0 Training
- Blog: Watch Questions with the Council: PCI DSS v4.0 and the Customized Approach
- Blog: New Video Series: Questions with the Council
- Blog: PCI DSS v4.0: Roles and Responsibilities for the Customized Approach
- Blog: PCI DSS v4.0: Is the Customized Approach Right For Your Organization?
- Blog: PCI DSS v4.0: Compensating Controls vs Customized Approach
- Podcast: Coffee with the Council: PCI DSS v4.0 is Now Available: Resources and Engagement Events
- Press Release: Securing the Future of Payments: PCI SSC Publishes PCI Data Security Standard v4.0
- Video: A Conversation with the Council: First Look at PCI DSS v4.0
- At a Glance: What is New with PCI DSS v4.0
- Podcast: Coffee with the Council: PCI DSS v4.0: A Preview of the Standard and Transition Training
- Blog: Countdown to PCI DSS v4.0
- Bulletin: PCI Security Standards Council Bulletin: SAQs for PCI DSS v4.0 are Now Available
LinkedIn Live Discussion on PCI DSS v4.0
Watch a replay of our LinkedIn Live discussion where we address stakeholder questions about PCI DSS v4.0 and discuss the latest updates from the council.
Watch A Conversation with the Council: First Look at PCI DSS v4.0
This page will be updated as new resources become available. Please be sure to bookmark this page and check back regularly for additional updates.
