PCI DSS Targeted Risk Analysis (TRA): What to Know
Introduction As of March 31, 2025, Targeted Risk Analysis (TRA) will become a mandatory requirement for several controls in PCI DSS v4.0.1. This requirement affects both merchants and service providers equally, marking a significant change in compliance procedures. Key Points About TRA Requirements When is TRA Required? Organizations must implement TRA if they: When is…
