PCI Compliance Services

The PCI Data Security Standard has been mandated by all major credit card companies, and is intended to protect consumer cardholder data. To achieve PCI DSS compliance, all members, merchants, and service providers must adhere to the Payment Card Industry (PCI) Data Security Standard, which offers a single approach to safeguarding sensitive data for all card brands. Failure to comply with the PCI Data Security Standard may cause your processing privileges to be revoked. In addition, you may be fined up to $500,000 per incident.

C & G’s Check Payment Card Industry (PCI) Compliance option will protect your company and ensure that your processes and software meet the existing PCI DSS compliance standards.

Challenge
Unfortunately, companies now face increased scrutiny regarding PCI DSS compliance. Fines and penalties have increased dramatically for non‐compliance. According to VISA, 42% of large and medium‐sized US merchants have at times not reached their respective PCI DSS compliance deadlines. For many companies, this is the result of relying on manual assessment methods for PCI DSS audits requiring significant IT resources. In addition, manually checking systems against PCI DSS requirements is time consuming and can result in multiple errors. However, C & G can assist you with this process and ensure that your company meets all PCI DSS standards on time and without error.

C & G can help your business avoid fines and business constraints:

Our PCI Certification engagement focuses on the assessment, remediation, and certification of our client’s information and network security. C & G’s collaborative approach will align your organization’s individual business units with your existing and anticipated technology needs according to the PCI Security Audit and Reporting Procedures. The following four‐phase process outlines the key activities, deliverables, and milestones we implement in order to ensure each organization’s PCI DSS compliance and certification:

Phase 1: PCI Assessment

• Review of all 12 core PCI DSS compliance standards
• Review of C & G’s PCI DSS approach, offerings, and deliverables
• The identification of key personnel responsible for compliance
• Specific project timelines and milestones

Phase 2: PCI DSS Gap Analysis

 

Phase 3: PCI DSS Remediation, Consultation & Implementation

• Collaborative review of the PCI DSS Gap Analysis findings and recommendations
• A complete remediation and implementation project plan
• Organizational remediation of recognized deficiencies and issues related to PCI DSS compliance

Phase 4: PCI DSS Assessment and Reporting

• Assessment of your organization’s PCI DSS Compliance
• A thorough report outlining your current compliance
• PCI DSS v1.2 Compliance Certification
• Submission of required compliance reports to all applicable debit and credit card brands

Additional Services:

• Continued policy and procedure development
• Internal vulnerability and penetration testing
• Quarterly Network Vulnerability Scans by a certified PCI Analyst
• Technical remediation and consulting

PCI DSS Resource Documents

• PCI Data Security Standard Documentation
