The gun has gone off. PCI DSS 4.0 has been released to the public, and the compliance community is heads-down getting their arms around all of the changes and new requirements. But TCT customers are turning that mountain of work into a molehill.
Just one day after PCI DSS 4.0 was released to the public, TCT added the new standard to our compliance management system. This is enormous news for compliance professionals — not only because they can use v4.0 whenever they’re ready, but because this helps them get ready sooner.
The moment that PCI DSS 4.0 was released to the public, our team immediately pulled all of our resources and redirected them to getting v4.0 set up on our compliance management platform. We did this because we understand the fact that all players in the security / compliance continuum will need to get their arms around the new standard quickly, and the pressure organizations face from their own client base when their customers want them to make the transition to the latest standard as soon as possible.
That Was Fast! But Is It Reliable?
I know what you’re thinking: How could we update our PCI compliance software so quickly, unless we sacrificed quality?
Long before the new version of PCI was released, we first built TCT Portal for speed. And we staged our systems so that we could efficiently layer on PCI 4.0. We’ve been keeping our eye on the developments around PCI 4.0 for a long time, and we anticipated the software capabilities that would be required in order to support the standard.
All of that groundwork freed us up to move fast without sacrificing quality. You’ll find TCT Portal’s support for v4.0 is as robust and reliable as every other certification we provide.
It was our top priority to serve our clients in the manner they’re accustomed to — and that means unparalleled quality in addition to hyper responsiveness. You’ll find that our product lives up to your expectations in every respect.
Getting Acclimated to PCI 4.0
When you switch to PCI DSS 4.0, you’ll notice two fundamental types of changes to the standard.
One is that PCI 4.0 has reshuffled the deck. If you’re a longtime practitioner in PCI and you’ve memorized all the requirement numbers and what they’re for, it’s time to memorize them all over again.
The other major change is the ability to leverage customized approach to meet particular requirements. Stay tuned: we’ll do a deep dive on that in a separate article.
Whether you’re brand-new to PCI DSS or a seasoned veteran, expect to be disoriented for a while. In fact, the entire PCI community will be going through a reacclimation — even Assessment Firms and Consultants. Which means there will be a period of time when nothing runs as efficiently as it normally would.
No matter who you are, you’ll have a learning curve to get through — and for most people, it’ll be a steep one.
That’s why TCT’s migration mapping is so valuable. When you’re ready to make the move to PCI 4.0, the compliance software does it for you with the click of a button. TCT Portal’s migration mapping imports all of your existing evidence from PCI 3.2.1 and moves it to the proper line items in PCI 4.0.
That means your learning curve just got a bit flatter. While there will still be a good amount of acclimation to PCI 4.0, TCT Portal eliminates the guesswork about where something belongs in the new version.
There’s no hunting and pecking through hundreds of sections to discover where various requirements got moved to. Instead, you can focus your efforts on getting to know all of the new requirements.
How to Start Using PCI 4.0 on TCT Portal
TCT Portal has already been updated with PCI DSS 4.0. If you’re a current customer, you can start using it now.
If you aren’t a TCT customer yet, we strongly recommend importing your most recent compliance records into TCT Portal on the PCI 3.2.1 track. That way you have a history you can reference as you go through your transition to v4.0. From there, you can map them seamlessly onto PCI 4.0 whenever you’re ready to make the transition.
Trust TCT for PCI Compliance Support
We initially cut our teeth in the PCI space, we’ve been involved with PCI for years, and the majority of our clients use PCI as a framework. TCT isn’t a company of software developers who decided to write a new software app. We’re a group of compliance practitioners who decided to solve the problems we experienced ourselves, so that we could make compliance management suck less for everyone.
Looking for a compliance management system that’s responsive to your needs and is built to make PCI DSS compliance management suck less? It’s time to get to know TCT Portal.