|
Companies that want to
develop a detailed plan for achieving compliance with
the new PCI DSS Standard Version 1.1. |
|
Companies that want to
perform and implement compensating controls prior to their
formal PCI DSS audit by a QSA-certified auditor. |
|
Companies that want to
expose their senior executives to the PCI DSS process,
how it impacts current business strategy, the potential
costs of compliance and non-compliance. |
The scope of our PCI DSS Assessment Planning
includes a thorough review of your company’s current
business processes that involve any credit card data, vendors,
suppliers or customers. After mapping the business processes
our QSA-certified auditor will overlay the 6 control areas
and 12 requirements of the new PCI DSS Standard, review any
compensating controls, and interview key stakeholders. Our
team will then prepare a recommended strategy and implementation
plan for encouraging all of your partners to maintain a minimal
level of security based on the needs of your business and
the level of access needed by your vendors.
The Assessment Planning will cover all 6
control areas of PCI DSS Standard Version 1.1:
|
Build and Maintain a Secure
Network |
|
Protect Cardholder Data |
|
Maintain a Vulnerability
Management Program |
|
Implement Strong Access
Control Measures |
|
Regularly Monitor and
Test Networks |
|
Maintain an Information
Security Policy |
After an initial call, the Arsenal Security
Group Senior Partner will prepare a statement of work within
2 days and we normally can begin an engagement within two
weeks. During the engagement we will use interviews, questionnaires,
physical tours and technical tools to develop our assessment.
We will use a QSA-certified auditor in tandem with our QSA-certified
Senior Partner to complete an engagement. We will provide
an executive summary, a detailed report with all
of our findings, recommendations and a final on-site presentation.
Our engagement is not complete until all of our deliverables
have been reviewed and accepted by our client.
About
Arsenal Security Group
Arsenal Security Group is a security
consulting firm that is focused on close client coordination
and collaboration. From the initial meeting through the final
presentation, one of Arsenal Security Group’s Senior
Partners will be the primary contact for all engagement activities.
We proactively conduct weekly calls with our client when engaged
and meet with clients on a quarterly basis to review and understand
their security posture – even when we are not actively
engaged on assignment to ensure they are aware of new security
risks or regulatory changes they may impact their business.
^^ Top |
