PCI DSS White Knight Service

PCI DSS compliance is no longer optional for most merchants accepting or processing card payments. Becoming compliant and maintaining compliance requires substantial expertise and resource. We can supply this expertise and resource to you.

Consultancy

Ward Solutions has worked with PCI DSS, among many other compliance frameworks, over long periods. We have developed our PCI DSS programme of services to provide you with all of the consultancy, implementation and maintenance services, resources and expertise for specific compliance frameworks. Our PCI DSS programme is designed to assist you in obtaining and keeping PCI DSS compliance.

We offer a range of PCI services:

  • PCI Workshop to confirm the project requirements and provide an understanding of PCI DSS to key stakeholders. This service also includes advice on PCI scope reduction at a high level.
  • PCI Gap Analysis to uncover areas of non-compliance with PCI DSS. This service includes delivery of a report detailing the findings and highlighting the non-compliances, with recommendations for remediation in each case. Ward will also advise on scope reduction, where possible, to help lessen the burden of PCI compliance.
  • Assistance with completing your Self-Assessment Questionnaire (SAQ) and signing of the Attestation of Compliance (AOC) by a Qualified Security Assessor. This activity can be preceded by a PCI Workshop, and for complicated environments it may be best to conduct a Gap Analysis first.
  • Pre-Audit: An audit against all the requirements of PCI DSS to test a client’s readiness for a full Level 1 PCI Audit. This can be scaled down to a sample audit with the intention of testing your key stakeholders and priming them for an official audit.
  • PCI Documentation review: Review of existing documents and policies, normally part of the Gap Analysis but can be acquired as a separate service.
  • Implementation/Remediation Assistance: Ward have staff with a wide range of expertise that can be drawn on for assistance with remediation tasks.
  • Quarterly PCI Vulnerability Scans of all in-scope External and Internal IP addresses. Ward offer a PCI Scanning Subscription Service through Qualys, the international number one provider.
  • External Penetration Test: A thorough security test of in-scope network perimeter IP addresses in line with the PCI Security Council guidelines.
  • Internal Penetration Test: A security test of all internal IP addresses in scope.
  • Web Application Testing and provision of Web Application Firewalls.
  • Official Level 1 PCI DSS Audit: A formal Assessment and production of an official Report on Compliance with the PCI DSS. Ward issue a PCI Certificate to organisations who meet the requirements of PCI DSS. (Level 1 Merchants and Service Providers)
  • PCI DSS Remote support agreement: Telephone- and email-based support to answer PCI-based questions, typically affecting your compliance.

If you’d like to know more about this service, speak to our security consultants today, e-mail grainne@ward.ie or call +353 1 6420100 or +44 28 90 730 187 to discuss your unique requirements.