PCI DSS v4 Global Symposium Is Now Available

The PCI SSC has published the PCI DSS v4 Global Symposium for all QSAs, ASVs and Participating Organizations (PO).

To virtually attend this pre-recorded set of presentations you can go here. The Symposium dropped on Tuesday, June 21, and is available through Tuesday, August 30, 2022.

The Agenda for this Symposium includes:

  • Welcome Remarks
  • PCI DSS v4.0 Highlights
  • Requirements: What’s New And Exciting
  • Flexibility For Implementing Security Controls (likely all about the new Customized Approach)
  • The New Approach To Reporting (explanation of how the new ROC template works?)
  • A Look Into Self Assessments
  • Preparing To Move To 4.0
  • PCI DSS v4.0 Educational Resources
  • Closing Remarks

I have yet to attend this almost 3 hour symposium, but I am guessing, based on the topics, that some of this is a rehash of what we have already been provided. However, there does appear to be some new material, so it still should be informative and interesting.


1 Response to “PCI DSS v4 Global Symposium Is Now Available”

  1. 1 Erik
    June 23, 2022 at 6:18 AM

    I think the symposium was really good! I had expected it be mainly corporate/business stuff, but instead it was die-hard detailed concepts/requirements/methods. Exactly what I wanted.

    One interesting thing I noted: “PAN means PAN”. OK that’s obvious. Now, surely this extends to other key terms as well? CDE means CDE! Payment page means payment page!

    Look at SAQ A and SAQ A-EP with this in mind…

    For example, some of the new requirements in SAQ A apply specifically to the “payment page”. However, as described in FAQ 1438, the Merchant website is not a payment page when the solution is eligible for SAQ A. These new requirements doesn’t seem to apply to anything on the Merchant side.

    In SAQ A-EP, many requirements now apply specifically to the CDE. However, for solutions eligible for SAQ A-EP, the Merchant has no CDE.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Welcome to the PCI Guru blog. The PCI Guru reserves the right to censor comments as they see fit. Sales people beware! This is not a place to push your goods and services.

June 2022

%d bloggers like this: