The Payment Card Industry Data Security Standard (PCI-DSS) is a brief, pragmatic and very reasonable set of standards intended to guide financial institutions, retailers and other data processors in protecting data about credit cards and their owners.
It is organized into six logical categories:
PCI-DSS is unique among major regulatory requirements for corporations and government agencies in that it specifically lays out what organizations must do and what they must not do to comply. This makes compliance much more straightforward than with regulations such as SOX, HIPAA, etc., which are ambiguous with regard to information security.
To fulfill all of the requirements in PCI-DSS, organizations must deploy a combination of sound business practices and various security technologies, including firewalls, virus scanners, identity management systems and more.
The full text of the PCI DSS version 3.2 may be found here:
This document outlines how components of the Hitachi ID Identity and Access Management Suite can assist organizations in complying with PCI-DSS.