MasterCard is now requiring both Level 1 and Level 2 Merchants to undertake an annual on-site assessment by a Qualified Security Assessor, known as a QSA. This is significant because there are a large number of Merchants that used to able to "self assess" with a self assessment questionnaire. This is no longer the case and merchants will have to become compliant with this new provision by December 31, 2010.

Thus, Mastercard strongly encourages all Level 1 and Level 2 Merchants to seek out a QSA in helping beging this process, which can be arduous and time-consuming, to say the least.

Some helpful hints are to conduct a PCI DSS Readiness Assessment and to also make sure your organization has PCI DSS policies and procedures in place for meeting the requirements as statated in the PCI guidelines.

To learn more about PCI compliance, visit the official PCI DSS Resource Guide.