Getting Started, It’s Easy
For the majority of merchants, getting compliant is as easy as filling out a basic self-assessment online questionnaire. If you are using a Converge (formerly Virtual Merchant) or another eCommerce program, the system will also do a scan of your network to look for vulnerabilities.
PCI Compliance is an Ongoing Process
Remember that compliance is a ongoing process. You want to make sure that you continuously monitor your business and keep up with the PCI standard and your security policies. Self-assessment questionnaires need to be filled out yearly, and security scans (if required) are quarterly.
The Payment Card Industry standards association has many in-depth resources at their site www.pcisecuritystandards.org