Original Source: Reciprocity WRITTEN BY KAREN WALSH
"PCI DSS compliance comes with over 100 pages of requirements. However, the Appendices offer ways to think about how you can limit your risks. Limiting risk includes being able to limit your scope as well. Compensating controls help you be compliant with PCI DSS requirements when you do not have the architecture to meet a requirement.