News
Knowledgebase
Are there alternatives, or compensating controls, that can be used to meet a requirement?
If a requirement is not, or cannot, be met exactly as stated, compensating controls can be considered as alternatives to requirements defined by the PCI DSS. Compensating controls should meet the intention and rigor of the original PCI requirement, and should be examined by the assessor as part of the regular PCI compliance audit.
(1131 vote(s))
Helpful
Not helpful

Comments (0)