Get a Demo
Published February 16, 2022 • By RiskOptics • Blog
PCI DSS 4.0

Mike Killinger, GRC Solutions ConsultantBy Mike Killinger, GRC Solutions Consultant

We’ve heard it for a while, but soon enough it’s actually going to happen. That’s right, the PCI Council will release their newly created PCI DSS 4.0 version to replace PCI DSS 3.2.1.

Currently, as a Participating Organization (PO), we have access to a draft version of PCI DSS v4.0 and a draft summary of changes document so that we can prepare to help our customers once the new version is live.

What does PCI DSS 4.0 mean for you?

More than likely, you’ll have some gaps in your compliance program that you may need to address in order to maintain your PCI DSS compliance. While the PCI Council will allow time to migrate to the new 4.0 version, we can help streamline and simplify the process.

Identifying Gaps in PCI DSS Compliance Program

If you currently have PCI DSS 3.2.1 loaded as a program in your Reciprocity® ZenGRC® instance, we can work with you to load a new PCI DSS 4.0 program (when released, of course) and map the controls, thus easily identifying where you may have control gaps.

Addressing Gaps in PCI DSS Compliance Program

After we identify the gaps, we can work together to create an audit and develop a plan to remediate any issues which were identified by the audit.

1) If you are ready to begin a new complete audit of your in-scope PCI DSS controls we can assist in creating that audit utilizing your new PCI DSS 4.0 program and creating a seamless transition to the new release.

2) If you are not ready to create a new audit, we can work with you to build an audit to test the new PCI 4.0 controls and get a jump start on meeting the new PCI 4.0 requirements.

What Can You Do Now?

Keep checking back with us here at Reciprocity as we’ll post more when we know more. If you have questions regarding your PCI DSS program and the migration from PCI DSS 3.2.1 to PCI DSS 4.0, contact us and schedule some time to talk through the process with one of our GRC Experts.

You can also keep up-to-date on PCI information via the PCI web page:
https://www.pcisecuritystandards.org/

Why sign up for the Risk Insiders newsletter?

To stay in the know! Get new blogs, resources, CPE opportunities, industry research & more — direct to your inbox.

Thank you for subscribing to the Risk Insiders newsletter!

Recommended

Image
5 Steps to Become PCI Compliant
man standing at the top of a stairwell with terms PCI Evidence Scope Requirements and Controls overlay
PCI DSS

5 Steps to Become PCI Compliant

Read more
Image
The Benefits of Using a Compliance-Oriented Data Management Platform
businessman using a data management platform on laptop
Compliance

The Benefits of Using a Compliance-Oriented Data Management Platform

Read more
Image
How To Use CPS 234 To Reduce Risk To Your Financial Data
APRA CPS 234 SCF 2022 Cross-industry prudential standard
Compliance

How To Use CPS 234 To Reduce Risk To Your Financial Data

Read more

Start Closing Control Gaps, Not Just Finding Them

Get a Demo