Three of the clarifications within PCI DSS fall within the introduction to the standards.

FORBES: Payment Card Industry Punts On Key Security Questions

They will not be included within the standards themselves but will be clarified within new supplemental PCI DSS documents.

FORBES: Payment Card Industry Punts On Key Security Questions

Compare policies to various compliance regimes such as PCI DSS (Payment Card Industry Data Security Standard) and generate reports for audits.

FORBES: Reduce Policy Complications to Enhance Security

On Thursday, the PCI Security Council released a document hinting at the changes expected in the fall in both PCI DSS and the Payment Application Data Security Standards (PA DSS).

FORBES: Payment Card Industry Punts On Key Security Questions

Despite the fact that every security framework from Cobit to ITIL to ISO calls for vulnerability scanning, and PCI DSS requires it, most organizations are still doing it on an ad-hoc basis, if at all.

FORBES: Vulnerability Intelligence Versus Vulnerability Management

And, in the payments industry, self-policing is in place through the PCI-DSS (Payment Card Industry Data Security Standard) which, while not a federal law, has become law in some states.

FORBES: The Epsilon Hack Attack: Time For "SOX For Consumers"?