Card And Payment Solutions AB

PCI DSS

CAPSAB PCI DSS v3 Excel template

Our PCI DSS Excel template helps you assess your current PCI DSS v3 status and create an action plan for what needs to be done to become PCI DSS v3 compliant. The template is built upon the official PCI DSS v3 requirements documentation and includes functions to easily document your current status. The spreadsheet is easy to work with, and fields that shall not be edited are protected and cannot be altered. The use of drop-down lists to record current status enables delegation of this task, as all the statuses are well defined and will be consistent throughout an organization.

Click here to download PCI DSS template!

For each requirement, the template includes fields to add information about your current status and where to find documented information; see the sample below.

PCI DSS v3 template sample

The PCI DSS template can be filled in with information as depicted:

PCI DSS v3 template sample

Filling in the "Implementation grade" changes the PCI DSS status and shows your current status in bright colors. Adding information about who is responsible, where to find documents, and comments gives you quick access to all information during an on-site QSA audit. The only mandatory field is the implementation grade; all others are optional. However, our recommendation is that you compile all this information and make this spreadsheet your master document to be used during an on-site assessment.

The implementation grade is used to compile the list of controls that are not in place, as depicted below. This function depends on macros, which you need to enable before creating the list.

PCI DSS v3 not in place sample list

The list above is compiled using the provided macro and gives your organization a complete list of the PCI DSS controls that are not met. A project plan can be created using this information.

The implementation grade is also used to compile management reports that show your current PCI DSS compliance per area. These are updated in real time as you enter your data in the template; a sample is displayed below.

PCI DSS maturity graph

The graph above shows a sample of security maturity in the organization, where values below 3 indicate non-compliance with PCI DSS. The maturity graphs are divided per chapter.

The template also includes a function to compile a list of all PCI DSS requirements that are met by a compensating control. This list shall be used to ensure that all compensating control worksheets (CCW) are in place and updated. A sample of such a report:

PCI DSS v3 sample CCW list

Also included in PCI DSS template

– Sample cardholder data flow

– CCW template in Excel format

– Introduction and explanation of how to use the template

– Macros to create the lists of not-in-place controls and CCWs.

 


If there are any questions on how to use the template, or if you would like to suggest changes to it, please do not hesitate to contact me; all contact information is included in the spreadsheet. Also, if your organization needs assistance in any of the phases before, during or after an assessment, CAPSAB is able to provide such help. Feel free to contact us with your requests, as we have PCI DSS experts to help your organization meet PCI compliance.
