Risk Intelligence Help

PCI Scan PCI DSS Requirements Compliance Checks

This topic describes the Payment Card Industry Data Security Standards Council (PCI DSS) requirements used to find at-risk data when running PCI scans. The PCI DSS section is found in all PCI Scan Results reports (this includes the combined PCI and PAN scan report).

  1. Go to View and Manage - Scan Results and find the appropriate PCI or PCI and PAN scan.
  2. Double-click on the scan to open the Scan Results report.

The PCI DSS Summary section of the report summarizes whether the compliance checks have passed or failed and includes a link to the evaluation details found in the PCI DSS Details section.

PCI DSS Details

Information includes:

  • Main requirement number, title and background details, e.g. Requirement 1: Install and maintain a firewall configuration to protect cardholder data.
  • PCI DSS Requirements - Sub-requirement(s) required to meet main requirement.
  • Testing Procedures - Steps to test for requirement compliance.
  • Results - The results of each associated check - either Compliant or Not Compliant (with the requirement). See PAN Data Detection Requirement (below).
  • Making Sure You Are Compliant - Compliance information relating to the associated requirement.

PAN Data Detection Requirement

One of the requirements listed is for the system to check and ensure that no at-risk PAN data is found on the device. For this check to be compliant, a PAN scan must have been run before the PCI scan so that the PCI scan can check the results of the PAN scan.