We accompany you throughout the whole process

Across all phases of our certification process, we offer individual consulting services regarding the implementation of PCI DSS requirements. Our services include, for example, consulting on how to achieve compliance quickly and efficiently, reduce the audit scope, assessment of technical and organisational measures, support in creating required concepts, solutions or processes as well as Security Awareness Training for employees.

tipp_icon

Anna-Magdalena Kohl, PCI Professional & Sales

abtrennung_weiss

Your Certification Process

Our PCI DSS security audits are based on the requirements of the PCI Security Standards Council (PCI SSC) and are structured into the following phases:

During the course of a PCI DSS Scope Workshops we introduce the contents of the PCI DSS to you. While doing so, we discuss the applicability of the individual PCI DSS requirements with you, define the audit scope and together with you determine the next steps necessary to achieve PCI DSS compliance.
We verify compliance with the requirements of the PCI DSS during a Gap Analysis Analysis to prepare you optimally for the final certification. This enables you to detect existing deviations in processes and infrastructure at an early stage, and to correct them before the official PCI DSS certification takes place. In addition, we offer performance of the quarterly external and internal PCI DSS Security Scans, the quarterly Internal PCI DSS Reviews and the annual Penetration Test as required by the PCI DSS.
The PCI DSS certification consists of an On-Site Audit performed by a usd auditor. The actual test scope and the procedure are specified beforehand together with you. The audit is a formal assessment process to validate your implementation of the PCI DSS requirements. We document the results of the on-site audit including recommended corrective action, if required. You correct existing deviations from PCI DSS requirements. Subsequently, we perform a selective follow-up test (re-testing). Simultaneously, we issue the official audit report. After the report has been approved by you, we forward it to the credit card organisations for review. Following successful confirmation of compliance, we will issue a PCI DSS certificate and a seal of approval for use on your website.
Following the successful PCI DSS certification, we will support you in maintaining compliance by
performing Quarterly Workshops. We will discuss PCI DSS-relevant changes within your company as well as changes to the security standard itself with you and suggest measures to maintain PCI DSS compliance.

For detailed informationen on our approach and in-depth descriptions of our consultation and certification services for service providers, please download:

» PCI DSS Consultation and Certifcation Services by usd AG

abtrennung_weiss

Our Services – Overview

Your path to PCI Compliance.

  • Firewall Reviews

    Firewall Reviews

    Check your firewalls for vulnerabilities and satisfy requirement 1.1.7.

    More»
  • PCI DSS Gap-Analysis

    PCI DSS Gap-Analysis

    We verify your compliance with relevant PCI DSS requirements so you can optimally prepare for the PCI DSS certification.

    More»
  • PCI DSS Scope Workshop

    PCI DSS Scope Workshop

    Introduction to the contents of PCI DSS and clarifications on specific PCI DSS requirements with regard to your individual environment.

    More»
  • Consulting

    Consulting

    Security and organization. Concepts, consulting, reviews.

    More»
  • Internal PCI DSS Reviews

    Internal PCI DSS Reviews

    Quarterly, internal reviews to verify compliance with your processes. Satisfy requirement 11.2.1.

    More»
  • Security Awareness

    Security Awareness

    Visit our Security Awareness Platform!

    Would you like to enhance the Security Awareness of your employees? We will support you in meeting requirement 12.6.

    More»
abtrennung_weiss

For Housing Providers

As a housing (colocation) provider, your customers place high demands on your security. Create a decisive competitive advantage with your PCI DSS certification. As a housing provider, only parts of the PCI DSS requirements are relevant for you. Take a look at our procedure model, which is specially adapted to your needs.

» PCI DSS Certification for Housing Providers

tipp_icon