PCI DSS Services
PCI DSS compliance is mandatory for organisations that store, process or transmit cardholder data, as part of their merchant agreement with their acquiring bank. Adhering to PCI DSS is a way of keeping your organisation and your customers’ information safe from abuse.
Becoming PCI DSS compliant is often a significant challenge. There are more than 300 requirements that you need to design, implement and manage across your Cardholder Data Environment. This is difficult to achieve and maintain given everyday business constraints – legacy platforms, multiple service providers, staff shortages, business growth and constant change.
FortConsult is the largest PCI certified Qualified Security Assessor in the Nordic region and the second largest in Europe. We have conducted comprehensive PCI assessments in some of the largest banks in the Nordic region, Russia and all over Europe, as well as for various types of financial service providers. We know all there is to know about the infrastructures, security mechanisms and business processes found within these types of organisations. This is very important for PCI projects.
FortConsult can help you at all stages of PCI compliance, from setting your PCI strategy through scoping, gap analysis, penetration testing aligned to the latest version of PCI DSS, remediation, auditing and reporting, to maintaining your compliance year after year.
We offer the following PCI DSS services:
- Introductory awareness sessions
- PCI DSS Programme management and strategy definition
- Scoping definition
- Gap analysis
- Internal and external (ASV) vulnerability scanning
- Penetration Testing
- Remediation support
- PCI DSS solutions options analysis
- PCI DSS network design review
- Report on Compliance (ROC) assessments
- SAQ support and validation
- End user training and awareness, incident response training and Securing the SDLC training
- Training & Policy development