Changes to PCI DSS v4.0 Reporting: In Place with Remediation

When PCI DSS v4.0 was released in March 2022, a new reporting option was included to document requirements that were “In Place with Remediation.” The goal of this option was to promote security as a continuous process, by providing a means for organizations to identify areas needing improvement year over year. While stakeholders agreed that this was a valuable tool for improving security, recent feedback indicates that there may be a better way to achieve this goal.