Повний комплекс послуг для сертифікації за стандартом PCI DSS

Повний комплекс послуг для сертифікації за стандартом PCI DSS

Illustration

PCI DSS

The Payment Card Industry Data Security Standard is a set of requirements to ensure the security of cardholder data stored, transmitted, and processed in company information systems. 
This standard was developed by the Payment Card Industry Security Standards Council (PCI SSC) founded by international payment systems such as Visa, MasterCard, American Express, JCB and Discover.

SUBMIT YOUR APPLICATION
Illustration

PCI DSS

The Payment Card Industry Data Security Standard is a set of requirements to ensure the security of cardholder data stored, transmitted, and processed in company information systems. This standard was developed by the Payment Card Industry Security Standards Council (PCI SSC) founded by international payment systems such as Visa, MasterCard, American Express, JCB and Discover.

SUBMIT YOUR APPLICATION

Who is required to have a PCI DSS audit? 

The PCI DSS requirements apply to all organizations that participate in cardholder data processing, including merchants, processors, acquirers, emitters, and service providers. PCI DSS also applies to all other companies that store, process or transmit cardholder data (CHD) and/or Sensitive Authentication Data (SAD).

How often do you need to recertify? 

PCI DSS recertification must be done annually.

Results of PCI DSS compliance certification 

    Reports from external ASV and internal network scans (after each scan)

    Internal and external penetration test reports

    Wi-Fi scan reports

    Updated regulatory documents in the IS sector

    Completed and validated Report on Compliance (RoC) or Self-Assessment Questionnaire (SAQ) and Attestation of Compliance (AoC)

    PCI DSS Compliance Certificate

 Stages of service provision 

  • Preparation

    1. Preliminary audit2. External vulnerability scan (ASV) of network3. Internal vulnerability scan of network4. Assessment of client’s corporate network security by performing external and internal pentests5. Search for unauthorized Wi-Fi access points6. Penetration tests for network segmentation control tools

  • Certification audit

     1. Collection and analysis of organizational and regulatory documents, information about the client’s Cardholder Data Environment (CDE) system composition
    2. Analysis of processes related to protection and maintenance of system components in the CDE
    3. A compliance audit of the client’s CDE system components according to the PCI DSS requirements:
    ● Interviewing client employees (third-party, if necessary) within the audit procedure developed by the PCI SSC consortium and adapted by the QSA consultant
    ● Analysis of the client’s CDE system component settings and configurations
    ● Assembling an evidence base for compliance of the client’s CDE system components with the PCI DSS requirements
    4. Analysis of security assessment reports on the external and internal perimeter of the client’s CDE network
    5. Development of reporting documents for acquiring banks and International Payment Systems, Report on Compliance (RoC) or Self-Assessment Questionnaire (SAQ), as well as Attestation of Compliance (AoC)
    6. Sending the AoC by the consultant to the VISA international payment system to confirm successful completion of the PCI DSS audit

Thank you!

We will contact you shortly

Can't send form

Please try again later.

Illustration

IT Specialist will perform quick, high-quality and comfortable PCI DSS certification for your business.

Order PCI DSS certification or ask us a question. Our experts will contact you as soon as possible!

The information security expert team of IT Specialist has over a decade of experience in the industry. Our core competences are audit, design, implementation and support of information security services.

Call us

Office
+38 (044) 390 81 90

Sales Department
+38 (096) 390 81 90

Write us

moc.icpteg%40icpteg

Come for coffee

Sigma Business Center,
6 Vatslav Havel blvd., block 3,
03124, Kyiv, Ukraine

The information security expert team of IT Specialist has over a decade of experience in the industry. Our core competences are audit, design, implementation and support of information security services.

Call us

Office
+38 (044) 390 81 90

Sales Department
+38 (096) 390 81 90

Write us

moc.icpteg%40icpteg

Come for coffee

Sigma Business Center,
6 Vatslav Havel blvd., block 3,
03124, Kyiv, Ukraine

Команда експертів інформаційної безпеки компанії IТ Спеціаліст з досвідом роботи в галузі понад 10 років. Основна наша спеціалізація - проведення аудитів, проектування, впровадження та підтримка засобів інформаційної безпеки.

Зателефонувати

+38 (044) 390 81 90

Написати 

moc.icpteg%40icpteg

Приїхати на каву

Бізнес-центр Sigma,
бульвар Вацлава Гавела, 6, корпус 3,
Україна, Київ, 03124

Команда експертів інформаційної безпеки компанії IТ Спеціаліст з досвідом роботи в галузі понад 10 років. Основна наша спеціалізація - проведення аудитів, проектування, впровадження та підтримка засобів інформаційної безпеки.

Зателефонувати

+38 (044) 390 81 90

Написати 

moc.icpteg%40icpteg

Приїхати на каву

Бізнес-центр Sigma,
бульвар Вацлава Гавела, 6, корпус 3,
Україна, Київ, 03124

Made with