Payment Card Industry - Data Security Standard
The Payment Card Industry (PCI) Security Standards Council touches the lives of hundreds of millions of people worldwide. A global organization, it maintains, evolves, and promotes PCI standards for the safety of cardholder data across the globe.
Who We Serve
We serve those who work with and are associated with payment cards. This includes merchants of all sizes, financial institutions, POS vendors, and hardware and software developers who create and operate the global infrastructure for processing payments.
What We Do
Helping merchants and financial institutions understand and implement standards for security policies, technologies and ongoing processes that protect their payment systems from breaches and theft of cardholder data.
Secure your payment ecosystem's environment
Defining and minimizing the appropriate scope for your credit card data environment is a critical part of our approach, especially for a client who is planning their first PCI assessment. Our consultants identifying in-scope components and processes. Depending upon the needs of our clients, we will provide a scope document and other required reports such as a “Next Steps Report” to aid in planning and in making strategic decisions.
This goes beyond the Pre-Assessment Readiness Review. Our QSA consultants will review and analyse the supporting PCI related data in greater detail and the data mapping is key to identifying gaps and areas of weakness. Our consultants provide remedial advisory along the way. A GAP report will document our findings, recommendations, and a road map to achieve compliance.
A Pre-Assessment “Readiness review” lays the groundwork and prepares you for undergoing a successful PCI assessment. In our experience, this also helps to prioritize efforts, establish milestones, and lowers the risk of surprises during the compliance process. We do not take a one-size-fits-all approach. Instead, we customize our approaches to focus on the areas where you need the most assistance and set priorities. A matrix of evidence mapping will be provided to assist the client in prioritizing next steps and remediation. Strategic recommendations are provided at the end of the Pre-Assessment.
For our Report on Compliance service (ROC), our QSA will focus on all pertinent areas of the current PCI DSS standard and dive into the details associated with each required control. Our PCI Compliance services utilize a combination of remote and onsite interviews, documentation review, walk-through of cardholder data processing environments, examining process flows, support systems, and all other areas associated with card-data processing. Once compliant, an Attestation of Compliance is completed at the end of the project.