Writing A #PCI Compensating Control

This is a very popular topic these days as more and more organizations have to rely on compensating controls to comply with the PCI DSS. With the exception of requirement 3.2 – do not retain track data, any of the other PCI DSS requirements can be met with a compensating control.

First, let us get familiar with what is required for a compensating control. For v1.2 of the PCI DSS, there are seven elements to the compensating control.

via Writing A Compensating Control « PCI Guru.