@Rita Kobusinge ,
What is the role of the organization you're working with in the payment ecosystem? Are you an issuer/acquirer/merchant/service provider?
The functions that you mentioned cut a very wide path through some of the more complex areas of electronic payments – some of which there are very limited numbers of people who are trained and qualified to be able to audit/assess the compliance of those functional areas and systems with the applicable standards.
A good starting point, as Ian mentioned below, is the PCI Security Standards Council site, as they have most of the standards that apply. I would also urge you to reach out to the card brands that you work with – in particular, you can find information on VISA's PIN Security program at https://visa.com/pin
Jim Scardelis, CISA, CISSP, PCIP, VISA SA, CIPP/US, CIPP/C, CIPP/E, CIPT, PCI 3DS QSA, MCSE ✉️ email@example.com |�� http://www.linkedin.com/in/jimscard/
Any views or opinions contained in this communication are solely those of the author, and do not necessarily represent those of any organizations or entities the author may be associated with.