The Payment Card Industry Data Security Standard (PCI DSS) is a multifaceted security standard that include requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. The comprehensive standard is intended to help organizations proactively protect customer account data by providing a 12-requirement structure for securing cardholder data that is stored, processed and/or processed and/or transmitted by merchants and other organizations. The standard was developed by the PCI Security Standards Council, a global organization founded by the five major credit card companies with the intent of producing, maintaining, and educating merchants on standard practices and procedures to transact credit card business securely.
University Policy 3.17 Accepting Credit Cards to Conduct University Business
Requirements of Annual Certification for PCI Compliance
2024 SAQ Supplemental Documentation Checklist
Supervisor PCI Attestation Template
Submit Training Attestation for Unit
Upload PCI Supplemental Documentation (requires authentication to access)
Cornell PCI Compliance Team
Technical Support:
- Tim Bradish tjb222@cornell.edu; 255-8316
- Tom Davko tomdavko@cornell.edu; 255-2995
Administrative Support:
- Kevin Mooney km484@cornell.edu; 254-1596
Director of Cash Management:
- Debra Federation dmf39@cornell.edu; 254-1597
