There are a number of circumstances that organization is required to conduct a formal assessment of its compliance to the Payment Card Industry Data Security Standard (PCI DSS). This is determined by card brand entities such as Visa and MasterCard, and by acquiring banks, and even the processors who service merchants. You will need an assessment if:
You are a merchant doing more than six million transactions annually with MasterCard or Visa;
You are a merchant doing more than one million transactions annually with MasterCard and you do not have a PCI trained internal assessor on staff;
You are a merchant that has been breached or has been deemed to represent exceptional risk; and / or
You are a service provider to merchants that can impact the security of their payment transactions and you have access to a large volume of transactions annually.
The PCI DSS Assessment is a detailed review of an organization's card data environment using a standard methodology and reporting format that results in a Report on Compliance (ROC). This is often referred to as the "Level 1" method of compliance validation.
The QSA assigned to your PCI QSA Assessment will work with you to ensure you fully understand the process and any aspects that are specific to your environment (such as how site sampling will be performed). They will perform an in-depth review of each of the DSS requirements (more than 200 of them) through interviews with personnel, configuration and documentation reviews and other forms of evidence gathering to demonstrate compliance with the DSS requirements. The resulting Report on Compliance serves as your proof of PCI compliance validation.
Some organization will require extra assistance in preparing for their PCI Assessment or even getting ready to become PCI compliant in the first place. In these circumstances, TripleSEC conducts what is known as a PCI Readiness Assessment to identify the gaps, generate a road map and work with you to become certified.
Contact Us Today.
Whether you are looking for general information or have a specific question, we want to help.
ARE YOU TRIPLESEC?