Text size Increase Font-SizeDecrease Font-SizeReset Font-Size



The primary mission of the PCI Security Standards Council is to develop, maintain, enhance and disseminate security standards for payment card data protection. Thus, the Council does not provide direct support to or intervention in an individual organization's PCI DSS compliance efforts. But your success is important to us, and so we do offer a large range of self-help tools and materials, in addition to listing third-party resources. For example, the comprehensive collection of Frequently Asked Questions should be your first stop if you need answers to technical questions about the standards.

We also offer a broad education program. For security firms and professionals who seek to assist organizations with standards implementation and compliance, we provide training to become Qualified Security Assessors (QSAs), Payment Application Qualified Security Assessors (PA-QSAs), and Approved Scanning Vendors (ASVs). Lists of qualified practitioners can be accessed here. In addition, to assist organizations who want their employees to better understand the compliance process, the Council offers an Internal Security Assessor program, as well as non-certification training on PCI Security Standards that is open to the public.

Another avenue for support comes from participation in the activities of the Council. You'll find great value in becoming a Participating Organization, attending our Community events, meeting your peers, and sharing your views and experiences around payment card security with the Council, either informally or as a member of a Special Interest Group or the elected Board of Advisors.

Back to Top

The PCI Security Standards Council (the "Council") provides a variety of tools, questionnaires, guidance, FAQs, training resources and other materials and information to assist organizations seeking to achieve compliance with its standards (the "Standards"). Third party products and services are also available, but the Council does not endorse or recommend any such third party products or services, and advises all organizations seeking to achieve compliance to become familiar with the Standards and related requirements before purchasing third party products or services. Ultimately, all applicable requirements must be met in order to achieve compliance, regardless of whether or what third party products or services are used.