Payment Card Industry Data Security Standard (PCI DSS) is an information security standard jointly developed by major credit card companies intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
ACinfotec in partnership with Nexusguard Consulting, a leader in PCI DSS consulting service in Asia Pacific, team up to work with you to ensure that your card data environment is secure and meet PCI DSS requirements. Our PCI DSS services include,
Our assessor will work with you to define the scope and verify your card data environment (CDE). After the scope of your CDE is established, our assessor will proceed with an evaluation of the PCI DSS requirements as they apply to your CDE. A gap analysis report along with recommendations and remediation options will be delivered to you to provide you with a full understanding of your current state of compliance.
PCI DSS Onsite Assessment determines the data security posture of your organization. It is required for service providers and Level 1 merchants. Our QSA assigned to your PCI QSA Assessment will perform an in-depth review of each of the DSS requirements through Interviews with personnel, configuration and documentation reviews. Report on Compliance (RoC) will be delivered to you as a proof of PCI compliance validation.
Once the gaps in PCI compliance are identified, you may need assistance in remediating them. Our consultant will work with you to ensure that your remediation strategies are impeccable and that the result is best for a long term, ongoing compliance.
ACinfotec PCI DSS Methodology
Who we are?
PCI Qualify Security Assessor (QSA)
Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI DSS standard. Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS.
PCI Approved Scanning Vendor (PCI ASV)
An ASV is an organization with a set of security services and tools to validate adherence to the external scanning requirement of PCI DSS Requirement 11.2.2. The scanning vendor’s ASV scan solution is tested and approved by PCI SSC before and ASV is added to PCI SSC’s List of Approved Scanning Vendors.
The Payment Application Data Security Standard (PA-QSA)
Payment Application Qualified Security Assessor (PA-QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI PA-DSS standard. Payment Application Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI PA-DSS.