PCI DSS 4.0 Checklist
Comprehensive PCI DSS 4.0 compliance checklist covering all 12 requirements. Track your cardholder data environment security compliance.
What's Included
All 12 PCI DSS Requirements
Complete coverage of PCI DSS 4.0 requirements and sub-requirements
Implementation Guidance
Practical guidance for meeting each requirement
Evidence Requirements
Documentation and evidence needed for QSA assessment
Customized Approach Options
New PCI DSS 4.0 customized approach considerations
Status Tracking
Implementation status and remediation tracking worksheet
SAQ Reference
Self-Assessment Questionnaire applicability guide
PCI DSS 4.0 Requirements
- 1. Install and Maintain Network Security Controls
- 2. Apply Secure Configurations to All System Components
- 3. Protect Stored Account Data
- 4. Protect Cardholder Data with Strong Cryptography During Transmission
- 5. Protect All Systems and Networks from Malicious Software
- 6. Develop and Maintain Secure Systems and Software
- 7. Restrict Access to System Components and Cardholder Data
- 8. Identify Users and Authenticate Access
- 9. Restrict Physical Access to Cardholder Data
- 10. Log and Monitor All Access to System Components and Cardholder Data
- 11. Test Security of Systems and Networks Regularly
- 12. Support Information Security with Organizational Policies and Programs
How to Use This Template
Download & Review
Download the checklist and review all 12 PCI DSS requirements. Understand what applies to your cardholder data environment.
Scope Your CDE
Define your Cardholder Data Environment boundary. Identify all systems that store, process, or transmit cardholder data.
Assess Current State
Go through each requirement and document your current compliance status. Identify gaps that need remediation.
Remediate & Validate
Address identified gaps, gather required evidence, and prepare for your SAQ or QSA assessment.