PCI Compliance otherwise referred to as Payment Card Industry Data Security Standard (PCI DSS) is a propriety information security standard for organisations working with major branded credit cards such as Visa, MasterCard, American Express and JCB. The PCI Compliance Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.
The PCI Compliance Standard was created to increase controls around cardholder data and reduce credit card fraud. Validation of compliance is performed annually by either external Qualified Security Assessors (QSA) or by an internal department focused on Internal Security Assessment (ISA) that creates a Report on Compliance (ROC) for organisations handling large volumes of transactions. Alternatively, a Self-Assessment Questionnaire (SAQ) can be completed by companies handling smaller volumes.