Skip to main content
Contact Us

Search

Weaver Connect

Payment Portal Client Login MyWeaver
Home    /    Insights & Resources

Does Your PCI DSS Compliance Program Include a Charter?

Executive Resource
If your organization is building or revamping its PCI DSS compliance program, download our PCI Compliance Program Charter template to get started.
March 10, 2022
Executive ResourceLocked Content
David Friedenberg
David Friedenberg
Senior Manager, IT Advisory Services

Create an account or log in to View Executive Resources and Locked Content.

Log In

Many organizations that accept credit cards are required to comply with the Payment Card Industry (PCI) Data Security Standard (DSS). With 12 requirements and more than 250 sub-requirements, the process can sound daunting. A PCI Charter, which is required for service providers and designated entities, is a great way to build PCI DSS requirements into Business-as-Usual (BAU) activities and an existing Information Security Policy and program.

What’s Inside

Weaver has developed free PCI Compliance Program charter templates that organizations can use as a starting point in developing a PCI Charter.

Why it Matters

Organizations that are building out or revamping their PCI DSS compliance program can use these templates to develop their own PCI Charter.

Log In
 

View all content.

Sign in or create a free account to view all Executive Resource Center content.

Log In   Create Account

The Payment Card Industry (PCI) Data Security Standard (DSS) requires merchants and service providers to define roles and responsibilities for maintaining PCI DSS compliance. A PCI Charter, required for service providers1 and designated entities2, is a great method for building PCI DSS requirements into Business-as-Usual (BAU) activities and an existing Information Security Policy and program.

If your organization is building out or revamping its PCI DSS compliance program, download these free PCI Compliance Program charter templates to use as a starting point.

1 Service providers are either (1) entities directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity or (2) entities that provide services that control or could impact the security of cardholder data.

2 Designated entities are those determined by an acquirer (merchant bank) or payment brand as an organization that requires additional validation to existing PCI DSS requirements.

© 2022

 

Download Weaver's PCI DSS v3.2.1 Compliance Program Template.

 

Download Weaver's PCI DSS v4.0 Compliance Program Template.