PCI self-assessment

For those facing PCI compliance, there's a handy self-assessment questionnaire on the PCI Security Standards Council website. As you can imagine, a lot of the questions are around the network and the policies around how data is managed, but there's some stuff in there for application development teams, specifically secure coding practices and security testing. I've found it to be a helpful document.