Thursday, June 23, 2022

PCI DSSv4 Spreadsheet Format

PCI DSSv4 Spreadsheet Format!

Source: Official PCI Security Standards Council Site - Verify PCI Compliance, Download Data Security and Credit Card Security Standards

Available hereBlog Downloads (compliancequickstart.com) 

Direct Link: HERE

About

It can be helpful to have the PCI Data Security Standard content in a spreadsheet format to facilitate learning and the creation of related artifacts and mappings. I've provided this for other versions and now have an updated PCI DSS version 4 in a similar format to facilitate learning about the standard's content. This format helps me absorb and structure (yes - an active verb) a large amount of information quickly. I've learned that I'm wired differently than others - and this is what works for me. 

I'm a fan of what the PCI Standards Security Council has created with the DSS. They have had a significant impact on the overall security posture of many organizations because of their output.

PLEASE DEFER TO THE PCI SSC FOR ANY OFFICIAL USE - THIS IS UNOFFICIALLY PROVIDED AS A HELPFUL RESOURCE FOR LEARNING PURPOSES ONLY. 

The tabs in the spreadsheet contain: 

  • Original Content: Keeps tables in the same organization as the original. All text is retained. 
  • Nested Content: Recognizes the intentional nesting of content. All text is retained. 

Example given:                                 

  • X.Y is used as a top-level control descriptor for the items under it and never has a testing procedure.  
  • X.Y.Z is used as the primary control descriptor which always has a testing procedure

Nested Content is therefore: