PCI DSS QSA Assessment
Onsite, Level 1, Report on Compliance
Qualified Security Assessor
Any organization that processes, stores or transmits payment card data is required to comply with the Payment Card Industry Data Security Standard (PCI DSS). This standard is very broad, covering network testing and architecture, internal policies and procedures, cardholder data access and software development. The requirements apply even if cardholder data is never stored.
Compliance requires constant diligence and regular validation of controls to maintain the security of cardholder data. Validation by internal or external assessors is always required. Non-compliance can have a major impact on your organization, including fines, legal exposure and a loss of brand trust with your customers.
- Assessment preparation and gap analysis
- PCI DSS validation and QSA attestation reports
- Cardholder data flow mapping
- Network, device, and personnel inventory creation and verification
- SAQ selection and completion
- Vulnerability testing – Internal and external network
- Penetration testing – Internal and external application, network and segmentation
- Application vulnerability security assessment
- Code review and analysis
- Cardholder data discovery scanning
Truvantis Provides Expert Assistance Start To Finish
Truvantis’ PCI DSS compliance practice brings high-quality assessments, actionable remediation plans, and ongoing assistance that help organizations achieve and maintain PCI DSS compliance.