PCI Shared Responsibility Matrix
Supporting PCI Compliance in Guidewire Cloud
The Guidewire PCI Shared Responsibility Matrix outlines how PCI DSS responsibilities are divided between Guidewire and our customers when using Guidewire Cloud. This landing page provides a publicly searchable summary and access point for customers seeking guidance on compliance.
What Is It?
These documents clarify which party—Guidewire, the customer, or both—is responsible for implementing and managing specific PCI DSS controls across cloud-hosted Guidewire services.
By understanding and aligning on these responsibilities, customers can better manage their compliance posture and protect cardholder data.
Why It Matters
- Clarifies roles and responsibilities in achieving PCI DSS compliance
- Supports audit readiness and customer trust
- Empowers self-service access to compliance documentation
Guidewire’s PCI responsibilities apply only to services we manage. Customer-controlled systems and processes outside of Guidewire Cloud remain within your compliance scope.
Access the Matrix
View the PCI Shared Responsibility Matrix on Guidewire Community
Login required
Additional Resources
To further strengthen your understanding and implementation, these resources provide additional guidance on secure coding practices.
These resources provide detailed guidance on secure coding practices specific to Guidewire environments.
Was this page helpful?