PCI DSS is a proprietary information security standard for any organisation that processes, transmits or stores cardholder information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data and so reduce credit card fraud resulting from its exposure.
The level of PCI compliance a company needs to meet depends on the number of card transactions carried out annually. Merchant Levels are set by the big 5 card companies (Visa, MasterCard, JCB, Discover and American Express) and administered by the merchant’s bank. They are dependent solely on transaction volumes.
PGI is a Qualified Security Assessor (QSA) authorized by the PCI Security Standards Council to assess compliance with the PCI DSS 3.1 standard, mandatory since April 2015. Our world class Security Consultants have also been assessed and trained by PCI SSC to carry out client assessments and offer advice to companies who handle card data. Whether your company is a large multinational corporation or an SME, PGI can help you meet the PCI DSS requirements.
PGI offers four main services which guide an organization through the whole compliance journey or just a part of it, depending on your specific prerequisites.
The PCI Compliance Advice Service is aimed at all merchants and service providers who need help in demystifying the standard and how it applies to their organization.
The PCI Gap Analysis service is a process by which PGI’s Security Consultants conduct a thorough analysis of a client’s organization with a view to assessing whether they fulfil the PCI standard and to identifying any necessary remediation. The process usually involves site visits to work, a series of workshops and results in an all-inclusive report on the organization’s current PCI compliance state, as well as on the remediation measures needed to fully meet the requirements.
The PCI DSS Audit and Report on Compliance service offered by PGI is aimed at Level 1 Merchants and Service Providers for their annual Report on Compliance (ROC) which must be completed by a Qualified PCI QSA Company/Consultant.
At the end of the process, the Consultant will also produce an Attestation of Compliance (AOC) to be signed by both the QSA conducting the audit and the Executive Officer of the company being audited.
In order to remain PCI DSS compliant, companies must also undergo the mandatory testing requirements incorporated under the PCI Testing Services umbrella.
Mandatory testing requirements, such as vulnerability and penetration tests, fall on daily, periodic, quarterly and annual schedules.
At PGI, we offer the full spectrum of PCI Testing Services, making it easier for your organisation and staff to complete the PCI compliance journey with minimum effort and headache.
In addition to the three main services which can help your organization acquire the PCI DSS certification, PGI also offers:
For more information on PCI DSS, Visa Europe Merchant Levels and our services, download the PCI DSS complete service sheet.
Call us now to discuss your requirements with one of our consultants.