Anthropic-Cybersecurity-Skills/skills/implementing-pci-dss-compliance-controls/references/standards.md

# Implementing PCI DSS Compliance Controls - Standards Reference

## Primary Standard
- **Standard**: PCI DSS v4.0.1
- **Governing Body**: PCI Security Standards Council

## Key Requirements
- Requirement 1: Install and maintain network security controls
- Requirement 2: Apply secure configurations to all system components
- Requirement 3: Protect stored account data
- Requirement 4: Protect cardholder data with strong cryptography during transmission
- Requirement 5: Protect all systems and networks from malicious software
- Requirement 6: Develop and maintain secure systems and software
- Requirement 7: Restrict access by business need to know
- Requirement 8: Identify users and authenticate access
- Requirement 9: Restrict physical access to cardholder data
- Requirement 10: Log and monitor all access to system components
- Requirement 11: Test security of systems and networks regularly
- Requirement 12: Support information security with policies and programs

## Cross-References
- ISO/IEC 27001:2022
- NIST Cybersecurity Framework 2.0
- CIS Controls v8.1
- COBIT 2019