PCI DSS audit & certification
The Payment Card Industry Data Security Standard (PCI DSS) is a set of information security standards formed in 2004 by major credit card companies including Visa, MasterCard, Discover Financial Services, JCB International, and American Express. Governed by the Payment Card Industry Security Standards Council (PCI SSC), the standard aims to secure credit card and debit card transactions against theft/fraud. Although the standard is not a legal obligation, it is a requirement to safeguard cardholder data and debit/credit card transactions. All organizations that accept and process debit/credit card payments are therefore expected to undertake an annual PCI DSS audit. This typically includes an audit of security controls and processes, covering data security areas such as retention, encryption, physical security, authentication, and access management.
Service Options

Awareness training
Conduct awareness sessions on the key requirements of PCI DSS for the IT team and personnel involved in card data processing.

Initial study
Conduct an initial study to understand the card processes and the technical environment, and decide the PCI scope accordingly.

Scope definition
Identify the systems that fall under the PCI DSS scope and formulate the scope statement

Gap analysis
Identify gaps in the organization’s security control systems and environment against the requirements of the PCI DSS standard.

Data and asset classification
Identify critical information assets and data assets, and classify them.

Data leakage assessment
Conduct a thorough data leakage assessment of systems and applications and identify remediation.

Risk assessment and risk treatment
Conduct a thorough risk analysis to identify the impact of risks on the organization's business-critical assets.

Training internal auditors
Identify a suitable team structure that can conduct the internal assessment.

Documentation support
We help prepare appropriate policies and procedures as required by the PCI DSS standard.

Pre-assessment and certification support
Help the organization assess the results of the internal assessment. Once effectiveness of policies, procedures and controls are confirmed

Documentation rollout
Release PCI DSS documentation (policies, procedures, BCMP) and help teams understand the policies and procedures.