WOLF & CO Alerts PCI DSS v4.0 Update

PCI DSS v4.0 Update

PCI DSS v4.0 has been published as of March 31, 2022. This update also includes updated templates for the Report on Compliance (ROC) and the Attestation of Compliance (AOC). The Self-Assessment questionnaires do not have an official publication date, but we expect that release later in Q2 2022.

To assist in a smooth transition, the PCI DSS v3.2.1 will remain active until March 31, 2024. The two-year transition period will give the organizations time to familiarize themselves with the updates, research what changes are needed, and implement them. After the transition period, implementation of the future-dated requirements must be completed by March 31, 2025.

The official announcement from the PCI SSC can be found here.

Wolf & Company, P.C. is dedicated to being a valuable partner to our clients – feel free to contact us if you have questions on any specific impacts to your Cardholder Data Environment (CDE).

Implementation Timeline

If you have any further questions, please reach out to Mike Kanarellis, HITRUST CCSFP at [email protected] or (617) 428-5408.