Payment Security & PCI DSS Policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards defined and published by the Payment Card Industry Security Standards Council. The standard was created to help prevent payment card fraud through increased controls around data and its exposure to compromise and applies to all organisations that hold, process or exchange cardholder information.
You can find Imperial College London's Payment Information Security Policy and Cardholder Data Handling Procedure below. Both these documents form part of our Payment Security Management System (PSMS) which is governed by our Payment Security Committee. If you have any queries about these documents, please email pcidsscom@imperial.ac.uk.
To report a payment security related incident, please refer to the incident reporting page.
PSMS Payment Information Security Policy
PSMS Cardholder Data Handling Procedure
All individuals handling card data are expected to comply with:
Conditions of use of IT resources