Text size Increase Font-SizeDecrease Font-SizeReset Font-Size

Special Interest Groups

2016 SIG Election – Open now through 20 November 2015

PCI Participating Organizations are invited to participate in the 2016 Special Interest Group (SIG) elections to choose the project that the Council will pursue as the SIG project in 2016.

This year the SIG topic proposals are available for review on our website. Please take a few minutes to watch the proposals at the following link, to prepare to cast your vote. The topics available for voting are:

  • Approved Scanning Vendor Guidance
  • Best Practices for the Airline Industry
  • Best Practices for Franchisees
  • Best Practices for Safe E-Commerce
  • Cryptographic Keys and Digital Certificate Security Guidelines

Watch The Proposals Here

After reviewing the presentation videos, please log into the PO Portal to cast your company’s ballot for your top three topic selections (please contact participation@pcisecuritystandards.org for further assistance to access the portal). Participating Organizations have from 8:00 a.m. EDT on 28 September 2015, until 11:59 p.m. EST on 20 November 2015 to register their votes. The topic with the highest number of votes will become the 2016 SIG topic. The winner will be announced in early December, with the new Special Interest Group to officially commence in January 2016.

Note: As a reminder, assessors and scanning vendors are invited to propose or join SIGs, but the election process is reserved for POs only. This is designed to ensure that merchants, financial institutions and processors who are involved in implementing the PCI Standards are the focus of an election that will give them the direct choice of which projects would be most beneficial to their needs.

Ready to vote? Cast your ballot here!

2015 SIG Projects

Provide guidance and techniques to improve daily log monitoring to meet PCI DSS requirements, including available tools and examples/evidence from recent breaches.

The Effective Daily Log Monitoring SIG is working to finalize the Information Supplement and targeting publication in Q1 2016. For more information on the SIG’s Terms of Reference, please visit the PO Portal.

Develop guidance on how to accurately report shared responsibilities between assessed entities and their third party service provider(s) to ensure the understanding of the scope of the services provided, as well as both parties' shared responsibilities.

The Shared Responsibilities SIG is working to finalize the Information Supplement and targeting publication in Q1 2016. For more information on the SIG’s Terms of Reference please visit the PO Portal..

* PCI Council Members is defined as PCI SSC Staff, Payment Brands, Affiliate Members or Strategic Members.

SIG Frequently Asked Questions

Any Participating Organization (PO) Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and PCI Council Members* are invited to propose a Special Interest Group during an open proposal period that runs between June and July each year.

If you have any specific questions about the SIG proposal process, please email sigs@pcisecuritystandards.org.

A PCI SSC representative will chair, lead and project manage SIG work. This collaboration will free SIG volunteers to focus on contributing subject matter expertise, without responsibility for logistical matters. This also ensures greater alignment between SIG volunteer contributions and PCI SSC direction.

Ultimately, SIGs will be chosen directly by the Participating Organization membership that represents merchants, financial institutions and payment processors - the organizations that are implementing PCI Standards.

After the close of the SIG proposal period, a selected list of proposals will be drawn up by PCI SSC. This process is aimed at consolidating any overlapping proposals and ensuring shortlisted proposals are focused on areas the Council can commit to supporting in the coming year.

Video presentations on selected SIG proposals will be available for review at the North American and European Community Meetings and also on the PCI SSC website. After viewing the videos, Participating Organization Business Contacts will vote via an electronic ballot in the PO Portal, to determine which proposals will be supported by PCI SSC.

Topics covered by SIG collaboration and PO participation to date include the following and are available in the Documents Library

SIG work may provide clarification on specific requirements within a PCI Standard, examine how PCI Standards work within any given industry or environment, or any other area that supports the Council's mission of raising awareness and increasing adoption of PCI Standards. Since the Council is focused on providing tools and resources to secure payment card data within the current payment system, and must also operate within a strict anti-trust framework, a focus outside of the current payment system is beyond our scope and would not be an appropriate topic for a PCI SSC SIG project.

Back to Top

The PCI Security Standards Council (the "Council") provides a variety of tools, questionnaires, guidance, FAQs, training resources and other materials and information to assist organizations seeking to achieve compliance with its standards (the "Standards"). Third party products and services are also available, but the Council does not endorse or recommend any such third party products or services, and advises all organizations seeking to achieve compliance to become familiar with the Standards and related requirements before purchasing third party products or services. Ultimately, all applicable requirements must be met in order to achieve compliance, regardless of whether or what third party products or services are used.