The Advanced Security and Express Security modules include the ability to audit EFT for compliance with the PCI DSS requirements. EFT scans all PCI DSS requirements addressed in EFT, and then reports on the compliance status of each requirement (Pass, Fail, or Warning). The report also provides a description of the requirement tested for each item. For failed requirements, the report presents a reason the non-compliant setting was used, if you provided one at the time that particular setting was disabled/changed.
To generate the PCI DSS Compliance report
To generate the report in real time, do one of the following:
On the main menu, click Report > PCI DSS Compliance Report. A report is generated for each high security-enabled Site.
In the Site's Event Rule node, click Report Event. In the right pane, click Run Now. The report is e-mailed to the e-mail address defined in the Rule.
To generate the report on a recurring schedule, define a Scheduler Timer Event Rule with the Generate Report Action. In the Event Rule, you can define whether to e-mail the report and/or save the report to a file. A report is generated specific to the Site on which the Event Rule is configured.
For a description of each PCI DSS requirement covered in the report, refer to How PCI DSS Requirements Addressed.
For details of generating reports, refer to Generating a Report.