Merchants and service providers are required by the credit card organizations to provide evidence of their PCI DSS compliance. Depending upon the classification of the risk of damage, auditing methods of varying levels of intensity must be used during the certification process.
Service providers classified as PCI DSS Level 1 and Level 1 and 2 merchants must have an on-site audit performed by a PCI Qualified Security Assessor (QSA). We can offer these merchants and service providers target-oriented consulting and certification services from a single source.
We operate efficiently and adapt our work approach to the specific customer situation. Our process model has repeatedly demonstrated its effectiveness in many successful certification projects and is structured in the following phases:
Scope Workshop
To determine the certification relevance of business segments and systems. Possibly existing, obvious deviations versus PCI DSS are highlighted.
Pre-Assessment (optional)
To check certification-relevant IT systems, documentation and processes regarding their PCI DSS compliance. We document and discuss deviations and provide a catalog of measures to eliminate them.
Remediation (optional)
To eliminate deviations and vulnerabilities identified in the Pre-Assessment. Experienced usd consultants will support you, as needed.
On-Site Audit
This is a formal process during which a certified auditor checks the PCI DSS compliance of processes, applications and systems within the scope of the audit.
Report on Compliance
The auditor prepares the official Report on Compliance. The audit scope, actual audit process and customer-specific implementation of PCI DSS requirements are documented in detail.
We would be happy to send you an offer tailor-made to meet your specific requirements. You can find detailed information about our services and prices in our PCI Competence Center.
| phone | +49 (6103) 90 34 90 | ||
| fax | +49 (6103) 90 34 99 | ||
| pci@usd.de |