Blog - Auditwerx

PCI – Where Did the Frequencies Go? Welcome to the World of Targeted Risk Analysis

With PCI DSS 4.0, nine of the requirements were rewritten to allow the assessed entity to define how frequently the control should be completed. While that flexibility sounded great to some folks, others weren’t exactly thrilled—because guess what? It means more paperwork. Every. Single. Year. These nine requirements now require a Targeted Risk Analysis (TRA) to justify the timing you choose. Let’s walk through each one and decide what might be best for your company.

Read More on Our Blog »

June 4, 2025

PCI 4.0.1 Requirement 12.8.5: Vendor Oversight, Responsibility Matrices, and Scope Implications

As organizations increasingly rely on third-party service providers (TPSPs) to support payment processing environments, the need for clear oversight and accountability has never been more critical.

Read More on Our Blog »

May 23, 2025

PCI 12.5.2 Scoping Exercise: A Comprehensive Guide

The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 introduced a formal requirement for a documented scoping exercise under PCI 12.5.2. This guide breaks down the scoping process, offering practical steps and tips to streamline compliance.

Read More on Our Blog »

May 2, 2025

PCI 4.0.1 – Key Changes You Need to Know

You’ve put it off, you’ve ignored it, you’ve just been busy… whatever the case, PCI Version 4.0.1 new requirements are a reality as of April 1, 2025. Let’s dive into each new requirement.

Read More on Our Blog »

March 10, 2025

Blog Final Rule Publication for CMMC 2.0 Sets the Stage for a Release in 2025

Final Rule Publication for CMMC Ready for 2025

The Department of Defense (DoD) has announced the final rule for Cybersecurity Maturity Model Certification (CMMC) 2.0, and contractors will be expected to meet these standards in 2025.

Read More on Our Blog »

October 22, 2024

Blog Cybersecurity Maturity Model Certification Program Final Rule Published

CMMC Program Final Rule Published

On October 15, 2024, the U.S. Department of Defense (DoD) published the final Cybersecurity Maturity Model Certification (CMMC) program rule in the Federal Register.

Read More on Our Blog »

October 22, 2024

Auditwerx Blog

Share this post

PCI – Where Did the Frequencies Go? Welcome to the World of Targeted Risk Analysis

PCI 4.0.1 Requirement 12.8.5: Vendor Oversight, Responsibility Matrices, and Scope Implications

PCI 12.5.2 Scoping Exercise: A Comprehensive Guide

PCI 4.0.1 – Key Changes You Need to Know

Final Rule Publication for CMMC Ready for 2025

CMMC Program Final Rule Published

Recent Posts

PCI – Where Did the Frequencies Go? Welcome to the World of Targeted Risk Analysis

PCI 4.0.1 Requirement 12.8.5: Vendor Oversight, Responsibility Matrices, and Scope Implications

PCI 12.5.2 Scoping Exercise: A Comprehensive Guide

PCI 4.0.1 – Key Changes You Need to Know

Final Rule Publication for CMMC Ready for 2025

CMMC Program Final Rule Published

Trusted Security Compliance Solutions

SOC Services

PCI Services

Healthcare Compliance

Privacy Compliance

Security Compliance

CMMC Services

About Us

Contact Us

Newsletter Sign Up

We use cookies to ensure the best experience. By accessing our site, you agree to our cookie policy.