Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Payment Card Assessments | PCI DSS

By: MATT CRANE
June 11th, 2024

As of June 11th, PCI DSS v4.0.1 was officially released. This update comes with several clarifications and adjustments to the previous version, ensuring more precise guidelines and addressing various implementation issues.

Blog Feature

Payment Card Assessments | PCI DSS

By: Bill Soverns
May 21st, 2024

If you’re a newly hired CISO or Director for an organization that’s required to achieve and maintain PCI DSS, you may be wondering how and where you can get started so that you’re ready when it comes time for the assessment to begin.

Blog Feature

Payment Card Assessments | PCI DSS

By: David Baca
April 30th, 2024

In the intricate world of payment security, navigating the labyrinthine requirements of the Payment Card Industry Data Security Standard (PCI DSS) can feel like deciphering code. But for merchants using virtual payment terminals, the PCI DSS SAQ C-VT emerges as a beacon of hope that offers a simplified path towards compliance.

Blog Feature

Payment Card Assessments

By: Jesse Eldell
April 11th, 2024

m;These days, to survive amidst the fierce competition of online commerce, merchants must prove they can safeguard sensitive cardholder data, and that means attaining and maintaining PCI compliance. And while the Self-Assessment Questionnaire (SAQ) A is often considered one of the more appealing routes to achieving that compliance, PCI DSS v4.0 has added new requirements to the SAQ A regarding Approved Scanning Vendor (ASV) scans.

Blog Feature

Payment Card Assessments

By: Roberto Davila
March 21st, 2024

Incident response has always been an important component of PCI DSS—in Requirement 12.10, the standard provides critical guidelines for the timeliness, preparedness, and continuous improvement of incident response management. That being said, new related requirements and clarifications have been introduced under v4.0 that add complexity and effort to the mandates from v3.2.1.

Blog Feature

Payment Card Assessments | PCI DSS

By: Salvatore Butera
February 20th, 2024

In the world of digital transactions and data security, the Payment Card Industry Data Security Standard (PCI DSS) serves as a crucial framework that ensures organizations handling payment card data maintain robust security measures. However, performing and passing PCI DSS assessments when you’ve deployed a Zero Trust Environment creates unique opportunities that challenge conventional notions of scope.

Blog Feature

Payment Card Assessments

By: Todd Busswitz
December 5th, 2023

A complete understanding of your cardholder data environment (CDE) is a cornerstone of a successful PCI DSS compliance program, but for that, you need to ensure you include all the systems, technologies, processes, and people that comprise it because if not, an omission or lack of controls applied could lead to non-compliance.

Blog Feature

Payment Card Assessments

By: Sully Perella
November 2nd, 2023

Comprised of both the PCI Secure Software Lifecycle (Secure SLC) Standard and PCI Secure Software Standard, the PCI Software Security Framework (SSF) is intended to help secure the design, development, and maintenance of software in payment environments. And while secure coding can be difficult, taking a conceptual approach to software development may make it—and PCI SSF compliance—a little easier.

{