PCI Compliance Checklist 2024

1. Identify which systems are in PCI scope
2. Perform a risk assessment of the in-scope systems
3. Verify physical security controls
4. Check and validate firewall configurations
5. Inspect router settings and configurations
6. Verify strong encryption is used for cardholder data
7. Review vulnerability management processes
8. Ensure antivirus software is up-to-date and running on all systems
9. Inspect access control measures for cardholder data
10. Verify restriction of cardholder data to business need-to-know basis
11. Conduct penetration testing
12. Conduct internal and external vulnerability scans
13. Validate security systems and processes are tested regularly
14. Check breach notification procedures are in place
15. Update Incident Response plan if necessary
16. Compliance Review performed by Qualified Security Assessor
17. Finalize and document all findings
18. Approval: PCI Compliance Checklist 2024
19. Store all relevant documentation for at least 1 year
20. Notify all relevant parties of PCI compliance status