PCI Security Standards Council®

Return to Newsroom


PCI Security Standards Council Issues Remote Assessment Guidelines

Guidelines Provide Best Practices to Support the Appropriate Use of Remote Assessments for PCI SSC Standards

WAKEFIELD, Mass., 24 September 2021 — The PCI Security Standards Council (PCI SSC) has issued guidelines to support principles and procedures outlining the use of remote assessments. Built upon guidance provided throughout the course of the pandemic, the “PCI SSC Remote Assessment Guidelines and Procedures” was developed to meet the changing needs of the payments industry.

Assessors play a critical role in ensuring payment data is secure by evaluating how organizations secure payment data. While onsite assessments are always expected, PCI SSC recognizes there are legitimate circumstances that could prevent an assessor from completing the assessment activities onsite. In these scenarios, assessors and entities will be able to refer to the procedures and guidelines outlined in this document.

“The Council’s primary goal has always been to help organizations protect payment data,” say Emma Sutcliffe, SVP, Standards Officer. “We have collaborated with the payments industry and have issued timely guidance to help organizations maintain and monitor the effectiveness of their security controls throughout the course of the global pandemic. The Remote Assessment Guidelines and Procedures builds upon previously published guidance on conducting remote assessments in a secure manner.”  

Remote Assessment Guidelines and Procedures can be found in the PCI SSC Document Library. Guidelines include:

It is important to note the PCI SSC does not enforce compliance with its standards. All questions about how completion of an assessment may impact compliance to a payment brand compliance program should be addressed to the entity’s acquirer or the applicable payment brands.

Read the PCI Perspectives blog post for additional information on the Guidelines.

About the PCI Security Standards Council
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches. Connect with the PCI SSC on LinkedIn. Join the conversation on Twitter @PCISSC. Subscribe to the PCI Perspectives Blog.


Our website uses both essential and non-essential cookies (further described in our Privacy Policy) to analyze use of our products and services. By clicking “ACCEPT” below, you are agreeing to our use of non-essential cookies to provide third parties with information about your usage and activities. If you click “DECLINE” below, we will continue to use essential cookies for the operation of the website.

Powered by Translations.com GlobalLink OneLink SoftwarePowered By OneLink