PCI DSS assessments
With a dedicated staff of PCI accredited security experts, Sovereign is an ideal partner to help with all your PCI compliance requirements.
We provide PCI strategy, PCI programme management, PCI gap analysis advice, PCI training and awareness, and a range of other complementary services.
Our QSAs are focused on providing pragmatic advice to help organisations reduce the cost and impact of PCI DSS compliance.
What is PCI DSS?
PCI DSS compliance is mandatory for organisations that store, process or transmit cardholder data as part of their merchant agreement with their acquiring bank. The Payment Card Industry Data Security Standard, or PCI DSS, is a set of information security requirements designed to reduce payment card fraud and is applicable to any organisation that stores, processes or transmits cardholder data. PCI DSS is a global standard. In addition, adhering to PCI DSS is a way of keeping your organisation and your customers' information safe from abuse. It could even help show that you comply with other regulations such as the General Data Protection Regulation (GDPR).
For all organisations that have to be PCI DSS compliant, it is not an insignificant challenge. There are over 300 requirements that you need to design, implement and manage across your Cardholder Data Environment, which is difficult to achieve given everyday business constraints: legacy platforms, multiple service providers, staff shortages, business growth and constant change.
PCI DSS services offered:
- Introductory awareness sessions
- PCI DSS Programme management and strategy definition
- Scoping definition
- Gap analysis
- Internal and external (ASV) vulnerability scanning
- Penetration testing
- Remediation support
- PCI DSS solutions options analysis
- PCI DSS network design review
- Report on Compliance (ROC) assessments
- SAQ support and validation
- End user training and awareness; incident response training; securing the SDLC training
- Training & Policy development