Your responsibility for data protection
As a company that processes card data of the international payment systems (e.g. credit card data), you share responsibility for protecting that data. Once larger volumes of such payment card data are under your responsibility, the payment systems require that you demonstrate an annual PCI DSS audit by an accredited Qualified Security Assessor (QSA).
Analysis, documentation and certification of conformity
SRC’s QSAs will perform this PCI DSS audit for you. In the PCI DSS audit, the QSA examines whether the PCI DSS card data security requirements are being met. To this end, the QSA reviews policies and procedures, obtains processes and evidence, inspects system and network settings, and conducts interviews with responsible personnel.
Individual, customer-oriented approach
For the experts at SRC, this is not just a matter of working through a checklist, but of pursuing a customer-oriented approach. Our goal is to understand your business model and its environment, and then, based on our diverse experience, contribute ideas on how processes or technical environments can be redesigned, if necessary, to facilitate compliance. We guide you through the difficult task of mastering the ever-expanding requirements of PCI DSS.
Diverse regulated environments require diverse testing
Often, an environment does not consist of just one subject to be tested. In such diversely regulated environments, we can, if desired, build on the effort already incurred for the PCI DSS audit to audit other topics as well, such as PCI Card Production (PCI CP), ISO/IEC 27001 or data protection.