Frequently Asked Question

How frequently will the PCI Security Standards Council update the PCI DSS and PA-DSS?

To minimize changes to the standards, the PCI Security Standards Council (PCI SSC) has established a lifecycle approach for PCI DSS and PA-DSS, where version changes to the standards will occur every 3 years. The 3-year standards lifecycle also allows for changes "out-of-cycle" as needed to address critical issues or errata.

To ensure that organizations have time to achieve compliance with new versions of the standards, certain new requirements may be phased in with future effective dates.
November 2012
Article Number: 1061

Featured FAQ Articles