Special Interest Groups
2016 SIG Proposals
Any Participating Organization (PO) Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and PCI Council Members* are invited to propose a Special Interest Group during an open proposal period that runs between 2 June and 30 June, 2015.
A PCI SSC representative will chair, lead and project manage SIG work. This collaboration will free SIG volunteers to focus on contributing subject matter expertise, without responsibility for logistical matters. This also ensures greater alignment between SIG volunteer contributions and PCI SSC direction.
Ultimately, SIGs will be chosen directly by the Participating Organization membership that represents merchants, financial institutions and payment processors - the organizations that are implementing PCI Standards.
After the close of the SIG proposal period, a selected list of proposals will be drawn up by PCI SSC. This process is aimed at consolidating any overlapping proposals and ensuring shortlisted proposals are focused on areas the Council can commit to supporting in the coming year.
Video presentations on selected SIG proposals will be available for review at the North American and European Community Meetings and also on the PCI SSC website. After the Community Meetings, Participating Organization Business Contacts will vote via an electronic ballot to determine which proposals will be supported by PCI SSC.
Topics covered by SIG collaboration and PO participation to date include the following and are available in the Documents Library
- Penetration Testing Guidance
- Best Practices for Implementing a Security Awareness Program
- PCI DSS V3.0 Best Practices for Maintaining PCI DSS Compliance
- Third-Party Security Assurance
- E-commerce - PCI DSS E-commerce Guidelines
- Cloud - PCI DSS Cloud Computing Guidelines
- Risk Assessment - PCI DSS Risk Assessment Guidelines
- Wireless - PCI DSS Wireless Guideline
- Virtualization - PCI DSS Virtualization Guidelines
- Tokenization - PCI DSS Tokenization Guidelines
- EMV - PCI DSS Applicability in an EMV Environment v1.0
SIG work may provide clarification on specific requirements within a PCI Standard, examine how PCI Standards work within any given industry or environment, or any other area that supports the Council's mission of raising awareness and increasing adoption of PCI Standards. Since the Council is focused on providing tools and resources to secure payment card data within the current payment system, and must also operate within a strict anti-trust framework, a focus outside of the current payment system is beyond our scope and would not be an appropriate topic for a PCI SSC SIG project.
2015 SIG Results
Through the election process, the Participating Organization community chose Effective Daily Log Monitoring and Managing Shared Responsibilities with Third Party Service Providers as the two projects to pursue as the next PCI Special Interest Groups in 2015. Both Special Interest Groups commenced in January and the deliverables are expected to be published at the end of 2015.
If you are a Participating Organization, QSA, ASV, or Affiliate Member, and would like to join one of these SIGs, please click the ‘Register’ button below to sign up.
* PCI Council Members is defined as PCI SSC Staff, Payment Brands, Affiliate Members or Strategic Members.