The 12 PCI requirements are essentially the areas that merchants and service providers will need to be compliant with regarding the Payment Card Industry Data Security Standards (PCI DSS) provisions. What’s important to note is that each and every requirement has very explicit “requirements” for what truly needs to be in place for PCI DSS. Additionally, some of the requirements are more arduous and time-consuming than the others. The very first step that any merchant or service provider needs to do for PCI DSS compliance is to undertake a PCI Readiness Assessment. This essentially means going through all 12 PCI requirements and conducting a GAP analysis to see what areas you are compliant in and what areas you are not compliant in. This helps define the scope of the assessment along with giving you a very clear idea on what areas will need to be corrected before you can even think of obtaining PCI DSS compliance.
Whether you are doing a self-assessment or an actual on-site assessment by a Qualified Security Assessor, known as a QSA, a PCI readiness assessment is crucial.
To learn more about PCI DSS compliance, visit the official PCI DSS Resource Guide.