Are there alternatives, or compensating controls, that can be used to meet a requirement?

If a requirement is not, or cannot, be met exactly as stated, compensating controls can be considered as alternatives to requirements defined by the PCI DSS. Compensating controls should meet the intention and rigor of the original PCI requirement, and should be examined by the assessor as part of the regular PCI compliance audit.

Chat With Us

We are here for you!
Talk to a fellow human.


United States

+1-888-266-6361

International

+1-703-581-6361

Chat With Us

We are here for you!
Talk to a fellow human.


United States

+1-888-266-6361

International

+1-703-581-6361