Guide to Third-Party Proof




Why Companies should track PCI Council and Card Brand Data

One often-overlooked risk associated with PCI compliance is the lack of consistent monitoring of critical PCI Council and Card Brand information. Organizations update third-party proof of compliance during audits and incidents… but what about the other 364 days a year?

Who needs an AOC? And why?

Who needs an AOC? And why? Many of our readers have likely heard of AOCs, but are looking for more information. One of the more …

Sharing is Caring: The Case for Posting Your PCI Provider Responsibility Matrices

For businesses, repeatedly answering the same question is a waste of valuable time and resources. You can expect this phenomenon to become increasingly common as …

Outsourcing your PCI? Get AOCs and Responsibility Matrices!

“For small and medium businesses, there is tremendous upside to outsourcing as much of your security and PCI compliance as you can. With the increasing …