PCI DSS Policy Templates

Companies that store, transmit or process credit card data are required by Requirement 12.1 of the PCI DSS to create and continuously maintain an information security policy for their employees. This makes Requirement 12.1 one of the few requirements of the PCI DSS that applies to all companies, regardless of transaction volume, line of business, or size of the company. In addition to the information security policy itself, the PCI DSS also requires the creation and maintenance of other policies based on the requirements applicable to the company.

 

Our PCI DSS Policy Templates

Based on our years of experience and in accordance with the PCI DSS requirements, our experts have developed template sets for you based on the PCI DSS versions 3.2.1 and 4.0. The Policy Templates form the basis of your information security policy and contain, in addition to the information security policy itself, all other guidelines necessary for your type of company and your SAQ (Self-Assessment Questionnaire). In addition to the Policy Templates, you will also receive instructions on how to use the templates, which will indicate all the places where you still need to adapt them to your circumstances.

Benefit from the technical know-how of our PCI experts

Create the best possible basis for your PCI DSS compliance

Secure more time and resources for your core business

PCI DSS v4.0

PCI DSS v4.0 will completely replace the previous version PCI DSS v3.2.1 from 01.04.2024. During the transition period, both versions of the standard, PCI DSS v4.0 and PCI DSS v3.2.1, will remain valid in parallel. During this phase, affected companies can decide for themselves which standard they want to be certified against.

Do you have questions or need support with your transition to PCI DSS v4.0?
We have summarized the most important information for you.

Select the right set for you

Select your appropriate set depending on the SAQ classification and the role your company fulfills in the context of PCI DSS (merchant or service provider). Currently, you can also distinguish between policy templates in versions 4.0 and 3.2.1. PCI DSS v4.0 will completely replace the previous version PCI DSS v3.2.1 from 01.04.2024. During the transition period, both versions of the standard will remain valid, so that companies can decide for themselves according to which standard version you provide your compliance validation.

Please note: The version of your Policy Templates must match the version of the PCI DSS according to which your company proves compliance.

Version 4.0

PCI DSS Policy Templates

Product Sheet

Version 3.2.1

PCI DSS Policy Templates

Product Sheet

Do you need assistance? We are here for you.

We will be happy to support you in assigning the appropriate SAQ to your company and in subsequently adapting the PCI DSS Policy Templates to your circumstances.

Contact

 

Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Benedikt Krümmel
usd Technical Sales Consultant,
PCI Professional