Find Your Specialist


Contact Us

    Go Back

    New Target Date for PCI DSS v4.0

    As the PCI Standards Security Council continues to receive feedback from industry representatives and stakeholders on PCI DSS v4.0, the new target date for the completion of the standard is now in Q4 2021.  An additional RFC period will likely occur in the summer of 2021, which will include the Report on Compliance (ROC) template, Self-Assessment Questionnaires (SAQs), and Attestation of Compliance (AOC) validation documents.  There will still be ample time to transition to v4.0, with the sunset period for v3.2.1 likely to be 18-24 months.

    The key initiatives, covered in our original post from the PCI Security Standards Council’s North America Meeting, are still in play as the Council’s objectives with v4.0 are to

    • Continue to provide the critical foundation for securing payment data in a rapidly evolving ecosystem.
    • Promote security as a continuous process.
    • Improve flexibility for organizations using a broad range of methods and technologies to achieve PCI DSS security objectives.

    The PCI specialists at Frazier & Deeter will continue to monitor the progress on PCI DSS v4.0 as we move toward the new standard.

    Key Specialists

    Mindy Milliet CISA, QSA, CISM, PCIP is a certified PCI Qualified Security Assessor with over 18 years of experience in internal audit, IT audit, and data security. With her extensive SOX, internal audit and security audit experience, Mindy works with clients across a wide range of industries with a focus on financial services, restaurants, hospitality, manufacturing, distribution, healthcare and traditional and eCommerce retail.

    Derrick Rice CISSP, CISA, CCSK, QSA is a Director in Frazier & Deeter’s Process, Risk & Governance Practice, where he focuses on information and technology systems management, design, security and support. Derrick provides subject matter expertise and manages the delivery of various security assessments, including PCI, HITRUST and HIPAA.

    Matt Bonfre CISA, CCSK is a Senior Associate in the Process, Risk, & Governance Practice, where he has experience in industries ranging from retail and healthcare to technology and financial services. Matthew performs internal control assessments including SOC 1, SOC 2, PCI, HITRUST and SOX for both IT and business processes.

    Related Articles

    Privacy Overview

    When you use or access the Site, we use cookies, device identifiers, and similar technologies such as pixels, web beacons, and local storage to collect information about how you use the Site. We process the information collected through such technologies, which may include Personal Information, to help operate certain features of the Site (e.g., to prevent online poll participants from voting more than once), to enhance your experience through personalization, and to help us better understand the features of the Site that you and other users are most interested in.

    You can enable or disable our use of cookies per category.
    Always Enabled

    Essential cookies enable you to navigate our Site and use certain features, such as accessing secure areas of our Site and using other features of our service that require us to keep track of certain information as you navigate from page to page. Although some of these cookies are “required” to enable certain functionality, you can disable them in the browser, but doing so will limit your ability to use the features supported by such cookies.

    Functionality cookies are cookies that support features of the Site, such as remembering your preferences.

    These cookies collect information about how you use our Site, including which pages you go to most often and if they receive error messages from certain pages. These cookies are only used to improve how our Site functions and performs.

    From time-to-time, we may engage third parties that track individuals who visit our Site. These third parties may track your use of the Site for purposes of providing us with certain marketing automation features (to help us improve our outreach to current and prospective clients) and providing you with targeted advertisements.