PCI DSS Readiness
Do you store, process, or transmit credit card data?
Have you experienced a data breach involving credit card information, or other sensitive corporate or client data?
Do you have the technical means in place to determine if a data breach has occurred?
The Payment Card Industry (PCI) Data Security Standard was developed by American Express, Discover Financial Services, MasterCard, and Visa to provide a common framework for handling credit card data. It requires organizations that handle credit card information to build and maintain secure network infrastructures and data handling processes.
Are you ready for PCI certification?
Our PCI Pre-Audit program discovers the deficiencies in your policies and practices, network infrastructure, and data systems prior to completing a PCI DSS audit. We will identify any gaps that may exist between your current state and the Compliance Requirements so that you can mitigate these before actual PCI certification testing.
Even when they are not required to be compliant with PCI, many organizations compare themselves against the PCI criteria to proactively assess the security and privacy of their data within their organization and during external transmissions.
Service Delivery
During the engagement, DigitalDefence will use interviews, on-site inspections, and technical tools to complete our audit. DigitalDefence will work with you throughout the compliance planning process, providing advice and consultation on the PCI data standard and compliance requirements, analyzing project scope, and serving as your advocate with credit card companies. In addition, the following activities will be performed:
- Identify your compliance requirements, and prepare an assessment checklist to guide the audit;
- Conduct a review of your security and privacy policies and practices;
- Prepare a data flow analysis, fully documenting where critical data are being gathered, analyzed, transmitted and stored;
- Conduct a technical audit of your network architecture; special attention will be paid to your firewall and other security devices;
- Conduct a vulnerability assessment and penetration test of the network, applications, and source code; and,
- Identify all gaps between your present state and the PCI compliance requirements.
Using a Project Manager who specializes in security projects, DigitalDefence will provide full remediation assistance to address the gaps and achieve auditable compliance with the full PCI standard.
When the PCI pre-audit has been completed, DigitalDefence will continue to work with you to maintain compliance.



