The PCI Security Standards Council, the body that manages payment security industries guidelines, on Friday released a methodology for meeting a risk management requirement included in the standard. The "PCI DSS Risk Assessment Guidelines Information Supplement" (PDF) was created to help organizations meet the PCI Data Security Standard's 12.1.2 provision, which mandates the establishment of a "formal process for identifying threats and vulnerabilities that could negatively impact the security of cardholder data."