Tamaño del texto Aumentar el tamaño de la letraDisminuir el tamaño de la letraRestablecer el tamaño de la letra

Special Interest Groups

2015 SIG Election - Closed

Thank you to all PCI Participating Organizations that voted in the 2015 Special Interest Group (SIG) election. Winners (the top two vote earners) of the election will be announced in early November, with SIGs to officially commence in January 2015.

2015 SIG Proposal Topics:

  • Cryptographic Keys and Digital Certificate Security Guidelines
  • Guidance on Determining Shared Responsibilities for Interrelated Third Party Services
  • Guidance on Effective Daily Log Monitoring
  • Guidance on Network Virtualization
  • Guidance on PCI DSS Assessments of Mainframe Environments
  • Unattended Security Guidance for ATMs, Vending and Pay at the Pump
  • Working Forum for Securing Retail Locations

2014 SIG Projects

The purpose of this SIG is to update the PCI DSS Information Supplement: Requirement 11.3 Penetration Testing document released in 2008.

The Penetration Testing Guidance SIG is working to finalize the Information Supplement and targeting publication in Q1 2015. For more information on the SIG's Terms of Reference please visit the PO Portal.

The Best Practices for Implementing a Security Awareness Program SIG Information Supplement was published in October 2014. Please visit the Documents Library on our website to review the published document.

2013 SIG Projects

The PCI DSS V3.0 Best Practices for Maintaining PCI DSS Compliance SIG guidance document was published in August 2014. Please visit the Documents Library on our website to review the published document.

The Third-Party Security Assurance SIG guidance document was published in August 2014. Please visit the Documents Library on our website to review the published document.

Special Interest Group participants have made significant contributions to the development of Council Standards, tools and educational resources over the years. The Council recognizes and thanks the many SIG volunteers and their contributions. Outcomes of SIG collaboration and PO participation to date include:

For more information about PCI SSC SIGs, please review the questions on this page or feel free to email us at sigs@pcisecuritystandards.org.

SIG Frequently Asked Questions

Any Participating Organization (PO) Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and PCI Council Members are invited to propose a Special Interest Group during an open proposal period that ran between 2 June and 7 July, 2014.

If you have any specific questions about the SIG proposal process, please email sigs@pcisecuritystandards.org.

A PCI SSC representative will chair, lead and project manage SIG work. This collaboration will free SIG volunteers to focus on contributing subject matter expertise, without responsibility for logistical matters. This also ensures greater alignment between SIG volunteer contributions and PCI SSC direction.

Ultimately, SIGs will be chosen directly by the Participating Organization membership that represents merchants, financial institutions and payment processors - the organizations that are implementing PCI Standards.

After the close of the SIG proposal period, a selected list of proposals will be drawn up by PCI SSC. This process is aimed at consolidating any overlapping proposals and ensuring shortlisted proposals are focused on areas the Council can commit to supporting in the coming year.

Presentations from POs, QSAs, ASVs, and PCI Council Members on selected SIG proposals will be given at the North American and European Community Meetings. After the Community Meetings, Participating Organization Business Contacts will vote via an electronic ballot to determine which proposals will be supported by PCI SSC.

Topics covered by SIG collaboration and PO participation to date include the following and are available in the Documents Library

SIG work may provide clarification on specific requirements within a PCI Standard, examine how PCI Standards work within any given industry or environment, or any other area that supports the Council's mission of raising awareness and increasing adoption of PCI Standards. Since the Council is focused on providing tools and resources to secure payment card data within the current payment system, and must also operate within a strict anti-trust framework, a focus outside of the current payment system is beyond our scope and would not be an appropriate topic for a PCI SSC SIG project.

Volver al principio

El PCI Security Standards Council (el "Concejo") proporciona una serie de herramientas, cuestionarios, orientación, preguntas frecuentes, recursos de capacitación y otros materiales e información para prestar asistencia a organizaciones que buscan el cumplimiento de sus normas (las "Normas"). También hay productos y servicios de terceros disponibles, pero el Concejo no respalda ni recomienda tales productos o servicios de terceros, y recomienda a todas las organizaciones que buscan el cumplimiento de las Normas familiarizarse con las mismas y sus requisitos relacionados antes de adquirir productos o servicios de terceros. En última instancia, se deben cumplir todos los requisitos aplicables a fin de lograr el cumplimiento, independientemente de si se utilizan productos o servicios de terceros o de cuáles sean.
Powered By OneLink