Frequently Asked Question

Featured FAQ Articles
Most Recently Updated
-
Can a Qualified Security Assessor (QSA) ask an auditor from the same company (for example, one conducting a SOC 2 or SOC 3 audit) to collect evidence for a PCI DSS assessment?
-
Which version of PCI DSS should an entity use?
-
What should an entity do if its PCI DSS v3.2.1 assessment will not be complete prior to that standard’s retirement date of 31 March 2024?