PCI Compliance Management Program

The Payment Card Industry Data Security Standard (PCI DSS) Program is a required set of security standards created by the PCI Security Standards Council to offer merchants and service providers a complete, unified way of safeguarding credit card account data.

The PCI Data Security Standard requirements apply to all entities that store, process, and/or transmit cardholder data.

The requirements apply to all methods of credit card processing, from manual to computerized; the most comprehensive and demanding requirements apply to e-commerce websites and retail POS systems that process credit cards over the Internet.

ISGRM Group, with its foundation of providing comprehensive information security validation and regulated security program compliance services to our credit union clients, recently introduced PCI DSS compliance services, both in addition to our standard offerings and as a stand-alone service. The PCI requirements continue to gain the attention of many organizations, yet confusion abounds about what to do, or even whether they have to do anything about PCI.

Our approach is in line with the 12-step PCI compliance measures in order to:

  • Build and Maintain a Secure Network

    1-By constructing and maintaining a comprehensive firewall to protect cardholder information

    2-By eliminating lax third-party vendor security criteria, including passwords

  • Protect Cardholder Data

    3-By keeping stored customer information private

    4-By encrypting transmission of cardholder data across open, public networks

  • Maintain a Vulnerability Management Program

    5-By implementing anti-virus software controls

    6-By developing secure systems and applications

  • Implement Strong Access Control Measures

    7-By restricting access to cardholder information to a “need-to-know” basis via the eCommerce solution

    8-By designating a unique online ID for each person accessing the site from a computer

    9-By restricting access to physical payment card data

  • Regularly Monitor and Test Networks

    10-By constantly tracking and investigating cardholder data and network resource access

    11-By testing security protocols and protection processes

  • Maintain an Information Security Policy

    12-By maintaining an industry-standard awareness level commensurate with eCommerce security procedures

Benefits of PCI

  • Reduce risk of breach and associated costs
    • Fines
    • Replacement cards
    • Cost of fraud
  • Reduce risk of reputational loss
    • Loss of ability to process
    • Loss of ability to accept payment cards
  • Improve negotiation position with processors

ISGRM Group offers the following PCI compliance services:

  • PCI DSS Gap Analysis / Readiness Assessment
  • PCI DSS Remediation Support
  • PCI DSS Assessment
  • PCI Training
  • QSA Consulting Services
  • Network Testing
    • External Vulnerability Scan
    • Penetration Testing
    • Internal Vulnerability Scans

For further information on our PCI Compliance Management Program, please contact one of our sales representatives by calling (727) 537-9273 or by sending an email to sales@isgrm.com.

Contact Us

Contact ISGRM

We look forward to partnering with clients, new and existing, on their information security needs. Please don't hesitate to contact us if you have questions or wish to speak with us regarding one or more of our services.

Address

ISGRM
P.O. Box 41602
St. Petersburg, FL 33743 USA

Email

sales@isgrm.com

Phone

(727) 537-9273
