Please feel free to use this “compliance dashboard” spreadsheet to sustain your PCI gap analysis exercise. It encompasses:

- All PCI DSS requirements grouped by section

- Guidance associated to each requirements (New)

- The major observation points from the 2011 Verizon PCI Compliance report for each requirement

- The PCI Glossary (New)

- The participants (actors) list

- The list of merchant types

- The compensating controls documentation sheet (New)

- The Validation Instructions for QSA/ISA for each requirement

- Indication of "relevance" by merchant types (A, B, C, C-VT, D). "1" indicates that the requirement is relevant.

- Priority level or milestones from the “prioritized approach” (1-6)

- A column "In Place" (Yes/no/notsure)

- A column "Stage of implementation (if not in place)"

- A column "Estimated date for completion"

- A column "Proofs/Documentation/Comment"

- A column "Remediation plan" (what must be done)

- A Column "Owner" (The individualor department in charge)

Link to the PCI Compliance Dashboard