“PCI SSC is now targeting a Q1 2022 publication date for PCI DSS v4.0. This timeline supports the inclusion of an additional request for comments (RFC) for the community to provide feedback on the PCI DSS v4.0 draft validation documents.”
A stakeholder preview is scheduled for Participating Organizations, Qualified Security Assessors (QSAs), and Approved Scanning Vendors (ASVs) for January 2022, with formal release scheduled for March 2022.
The PCI SSC blog outlines more details which includes the transition period for organizations to update from PCI DSS v3.2.1 to PCI DSS v4.0. PCI DSS v3.2.1 will remain active for 18 months once all PCI DSS v4.0 materials are released.
In addition to the transition period when v3.2.1 and v4.0 will both be active, there will be an extra period of time defined for phasing in new requirements that are identified as “future-dated” in v4.0.
For more details on this development, visit the PCI Perspectives blog.
SOURCE & IMAGE: PCI Perspectives Blog