Your Path to Achieving PCI DSS Compliance is a Phone Call Away

I want to tell you about a small non-profit, level 4 merchant who struggled with achieving PCI DSS Compliance.

Two years ago they hired a local QSA company that provided some training and a summary of recommendations. This summary didn’t provide an assessment of where they were versus where they needed to be for PCI Compliance purposes.

Nor did the summary include clear, actionable steps that this non-profit could implement to improve their compliance posture and stop the monthly fines for non-compliance.

After they engaged with Payment Card Assessments, we put together a statement of work that provided them with an affordable gap assessment for their cardholder data environments.

In our final set of deliverables we:

1. Outlined actionable steps to improve their processes and procedures, especially around stored payment card data.

2. Provided a side-by-side analysis of v3.2.1 and v4.0 requirements.

3. Recommended a path to maintaining continuous PCI Compliance for not just v3.2.1 but for v4.0 as well.

After they crossed the finish line and submitted their attestation of compliance for both their e-commerce and P2P environments, we received the following email:

"You gave us more actionable steps than the QSA did. I believe we’ll be thanking you for the next 6 months."

Achieving PCI DSS Compliance Is No Easy Feat

We’re here to help. Are you ready to tackle your PCI DSS Compliance responsibilities and establish a continuous PCI DSS Compliance program?

At Payment Card Assessments, we developed our 3 Pillars of PCI DSS Compliance Excellence and through these pillars, we provide thorough:

We can show you the way to creating and maintaining a PCI Compliance Program that your acquirer will love.

We bring a combined 20+ years of PCI DSS Compliance experience and well over 35 years each of IT Security and Project Management experience to the table. 

Learn more about our leadership team and schedule a call today!



31 Jul 2024

Embrace the Suck: PCI DSS Compliance Requires Evidence

As the saying goes, “the proof is in the pudding.”

Or in this case, the proof is in your policies, standards, processes, procedures, configuration settings, access control lists, network diagrams, interviews and so much more.

Yes, PCI DSS Compliance is hard.

And it most certainly is a pain in the a$$ to do day in and day out.

Trust me, I’ve been there.

I know what you’re going through.
