PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.
NIST CSF is a cybersecurity framework designed by US-based National Institute of Standards and Technology.
The California Consumer Privacy Act is a state statute passed in 2018 that gives California residents new data privacy rights and requires compliance from for-profit business entities.
The GDPR governs the collection, processing, consent, and distribution of personal information to ensure that EU citizens have more control of personal data.
A service provider is involved in the processing, storage, and transmission of a credit card holder's data.
Qualified Security Assessor (QSA)
Qualified Security Assessor is an organization or individual that compliance auditing.
Cardholder Data Environment (CDE)
Cardholder Data Environment (CDE) includes all the people and technologies that can impact the security of cardholder data.
Attestation of Compliance (AOC)
Attestation of Compliance (AOC) is the documentation that validates the compliance status of an organization.