The alliance claims many merchants are still not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), which was created by the world’s major payment card companies in 2004.
For some merchants without a designated compliance officer, it appears it can difficult to understand how the PCI DSS requirements match up to the security sector.
“We believe that this risk assessment tool will help demystify the process of mapping the requirements of PCI DSS to the security marketplace,” said Dr. David Taylor, president of the PCI SVA.
The new tool, which can be found on the PCI SVA website, is also designed to help merchants properly complete the PCI DSS self-assessment questionnaire.
Results from the self-assessment include a list of missing requirements with a link to software and service providers that can address any shortcomings identified.
Taylor said, “We urge vendors who have not yet joined PCI SVA to do so now, as we want the tool to include the broadest range of information from the security and privacy software and services vendors as possible.”