The Payment Cards Industry Security Standards Council (PCI SSC) has released an advisory document to help merchants reach compliance using a risk based approach.
This document is called the Prioritized Approach and provides guidance on how to focus PCI DSS compliance work in a way that ensures prioritizing the highest security risks.
Prioritized Approach groups together the requirements of the PCI Data Security Standard (DSS) v1.2 into six key milestones allowing for 'quick wins' to reduce risk, support financial and operational planning, and provide measurable progress steps.
Reduce the risk of penalties
The great news is that once a merchant is compliant with milestones 1-4, Visa Europe have confirmed that they will not be at risk from Assessment Fees for non-compliance. However, full compliance still needs to be reached in order for full safe harbor to come into effect.
