PCI Compliance Dashboard - New version including SANS Top20 Critical Security Controls

Blog Post created by dgodart on May 21, 2012



According to what we are hearing from the field, there are quite a large number of active users of this PCI Compliance Dashboard. Encouraged by your feedback and your assistance, we worked on this new release. Among other great enhancements, it includes references to the SANS Top 20 Critical Security Controls. A deeper analysis paper on PCI-SANS matching and deviation areas will follow, but for now, enjoy this new version of the PCI Compliance Dashboard.


What's New?


  • Add a table of contents and navigation links
  • Add a "Scope" sheet allowing you to define your Card Data Environment (CDE)
  • Update the Executive summary showing progress on your PCI compliance journey based on the selected merchant type
  • Add the option to automatically hide/unhide non-applicable requirements associated with the selected Merchant Type
  • Split the graphs for Compliance % and Severity Level per requirement into two distinct sheets
  • Add a documentation sheet allowing you to list your PCI-related materials (technical, policies and procedures)
  • Rename the "Actor sheet" to "PCI Team"
  • Add the selection of Owner name based on the "PCI team" sheet
  • Add a column "SANS Top 20 Critical Security Controls" matching sub-controls for each PCI requirement wherever possible
  • Add a sheet "SANS-PCI" listing all SANS Top 20 Critical Security Controls and sub-controls together with the PCI requirements partially or fully matching the sub-controls. It also shows the % of match for each SANS Control.
  • Update links to the PCI 30 seconds newsletters


For a complete list of features see the PCI Compliance Dashboard page. 


If you like this tool:

Let us know by leaving us a comment or suggestion on the Compliance Dashboard page

Let us know by clicking on the "I like it" icon on the Compliance Dashboard page

Recommend it to others


Link to the Compliance Dashboard page