Organizations of all sizes that store, process, or transmit credit card data must comply with PCI DSS (https://www.upguard.com/glossary/pci-dss). This article covers how to prepare for a PCI DSS onsite audit and maintain compliance with PCI requirements.
Compliance teams should compare risk analysis results against existing security controls and business processes to ensure they comply with the 12 PCI DSS requirements.
To achieve and maintain PCI DSS compliance, your organization must conduct the following infrastructure tests:
- Web application testing: Conducted annually as per PCI DSS Requirement 6.6.
Your organization must know exactly where customers’ credit card information is stored, processed, and transmitted to create accurate data flow charts, as per Requirement 1.2.4.