

Does Your PCI DSS Compliance Program Include a Charter?

Executive Resource
If your organization is building or revamping its PCI DSS compliance program, download our PCI Compliance Program Charter template to get started.
March 10, 2022

The Payment Card Industry (PCI) Data Security Standard (DSS) requires merchants and service providers to define roles and responsibilities for maintaining PCI DSS compliance. A PCI Charter, required for service providers¹ and designated entities², is a great method for building PCI DSS requirements into Business-as-Usual (BAU) activities and an existing Information Security Policy and program.

If your organization is building out or revamping its PCI DSS compliance program, download these free PCI Compliance Program charter templates to use as a starting point.

¹ Service providers are either (1) entities directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity or (2) entities that provide services that control or could impact the security of cardholder data.

² Designated entities are organizations that an acquirer (merchant bank) or payment brand has determined require additional validation of existing PCI DSS requirements.



Download Weaver's PCI DSS v3.2.1 Compliance Program Template.


Download Weaver's PCI DSS v4.0 Compliance Program Template.