PCI DSS
Payment Card Industry Data Security Standard or PCI-DSS affects the people, processes and technologies involved in the capture, storage, processing and transmission of cardholder data. One Compliance operates a world class team of PCI-DSS qualified security assessors (QSAs) leveraging experience within the card payments market space.
Scoping Review
Review PCI DSS scope reduction options that are available to you to remove people, processes and technologies from your PCI DSS scope. This can in turn reduce costs of maintaining compliance whilst also mitigating risks.
Address Controls
Ensure remaining controls are addressed appropriately and are fit for assessment. This will be completed with your Qualified Security Assessor (QSA) who can advise on the most cost-effective way to meet the controls needed.
Conduct Assessments
Validate that applicable PCI DSS controls are in-place through review of documentation, interviews with key stakeholders and observations of processes, actions, states, system settings, and configurations. Complete the reports for the bank and other business partners.
Programme Support
Small changes to payment platforms can have large impacts on PCI DSS compliance. Make a call and run your plans by a Qualified Security Assessor to make sure you aren’t going to have an unpleasant surprise waiting at your next PCI DSS assessment.
