Consulting, Evaluation and Certification (QSA)
Payment Card Industry – Data Security Standard (PCI DSS)
The credit cards industry is one of the more important in the world nowadays, moving millions of money daily. With a financial volume of this magnitude, it is expected that it is a target for frauds and robberies.
To reduce this risk, in 2006 it has been created the “Payment Card Industry Security Standards Council”, a council involving the biggest names of cards in the world where it has been defined the “Payment Card Industry Data Security Standard (PCI-DSS)”, with the minimum safety rules that the companies that make, process, transmit or store the credit card information must follow.
AuditSafe, in the condition of a Qualified Security Assessor (QSA) has a highly specialized team to aid your company in obtaining the PCI-DSS certification through the following services:
- Aid in the PCI scope definition;
- GAPs identification;
- Conformity continuous management;
- Technological and non-technological vulnerability management;
- Events monitoring;
- External and internal invasion tests with PCI methodology;
- Development of internal politics;
- Ambient analysis, official pre-evaluation;
- Ambient evaluation and certification in PCI DSS.
Thinking in the safety and conformity of our clients with the PCI-DSS requirements, AuditSafe has a strong quality process (Quality Assurance) approved by the PCI Council, being also its partner-founder a participant in this process and also being certified as Qualified Security Assessor (QSA).
There are four levels of PCI DSS conformity, being:
Level 1: For companies that process more than 6 million card transactions per year.
Level 2: For companies that process from 1 million up to 6 million card transactions per year.
Level 3: For companies that process from 20,000 up to 1 million card transactions per year.
Level 4: For companies that process less than 20,000 card transactions per year.
Consulting, Evaluation and Certification (QPA)
Payment Card Industry – PIN Security (PCI PIN)
AuditSafe, being qualified to certificate companies in the PCI PIN Security as a PCI QPA, offers a service totally focused in all Latin America.
The scope of our works consists in doing:
- Certification scope revision.
- Workshop PIN Security.
- Gap analysis and creation of 1 (one) Action Plan.
- Consulting support to follow the Action Plan and the remediation.
- PCI PIN Security Certification Process with the issue of RoC and AoC reports.