NDB provides PCI DSS Readiness Assessments and Gap Analysis consulting services for organizations seeking to become compliant with the Payment Card Industry Data Security Standards (PCI DSS) provisions. Whether your organization is looking for assistance with the PCI DSS Self-Assessment Questionnaires (SAQ) or requires an actual Level 1 on-site assessment by a Qualified Security Assessor (PCI-QSA), NDB's highly skilled and competent consultants provide the following pre-assessment services:
• Discussing your overall PCI needs, timeframe for compliance, expectations, etc.
• Properly scoping the assessed cardholder data environment (CDE) as required by the PCI DSS provisions for all 12 requirements, sub-requirements, and the all-important Appendix A.
• Providing all necessary PCI DSS policy and procedure templates, along with active assistance in customizing and developing said documents.
• Recommending numerous open-source and cost-effective tools for PCI compliance, such as the following:
- Web Application Firewalls.
- Two-factor Authentication systems.
- File Integrity Monitoring (FIM) solutions.
- Anti-Virus Software.
PCI DSS Readiness Assessment & Gap Analysis Services - It's About Getting You Ready
It is critical that organizations undertake a PCI DSS Readiness Assessment and Gap Analysis engagement to ensure the overall success of their PCI certification process. A poorly planned, under-funded, incorrectly scoped engagement will lead to numerous delays, operational constraints, and other challenges. Thus, look upon a PCI DSS Readiness Assessment not merely as an additional cost to the engagement, but as a highly useful, proactive, and necessary process for achieving PCI compliance in an efficient, cost-effective, and timely manner.
Keep in mind that one of the most notable areas for remediation for PCI is that of policies and procedures, or the lack of them, which merchants, service providers and all other intended parties must develop. Lead PCI-QSA Charles Denyer of NDB has developed his own set of customized PCI policies and procedures, which are included with any type of PCI engagement that NDB undertakes.
NDB has also developed pciassessment.org, a comprehensive website dedicated to the Payment Card Industry Data Security Standards (PCI DSS) provisions. You can learn more about NDB's PCI DSS services at the official PCI DSS Resource Guide. Additionally, you can learn more about the top issues often requiring remediation for organizations undertaking PCI DSS compliance via a three (3) part series written exclusively by NDB's lead PCI-QSA, Charles J. Denyer.