As an authorized QSA audit company for the PCI DSS, PA-DSS and P2PE standards, we carry out audits according to the requirements of the PCI Security Standards Council (PCI SSC) and the program guidelines of the individual PCI standards. All over Europe, payment service providers, processors, software manufacturers and merchants trust our audit experts with their vast experience in PCI certification.
The scope analysis and any possible subsequent scope optimization pinpoint the relevant areas of PCI certification. According to the PCI guidelines, the scope analysis is primarily the client’s responsibility. Our experienced auditors and their know-how give support to our clients in the analysis of the existing PCI scope. If this analysis reveals optimization possibilities for a reduction of the extent of the scope, then our highly experienced experts can help to design an optimized scope, as well as the implementation work which will be required to achieve it.
During a gap analysis, we review the current ACTUAL status of the IT infrastructure and check the processes and documentation for compliance with the respective PCI requirements. The results of the gap analysis reveal the adaptation work and modifications which are needed to prepare a business for a compliance audit. The gap analysis gives clients detailed and significant information which will help them to identify and establish the corrective actions which form the basis of successful PCI certification.
We offer a wide range of workshops for our clients, from general introductions to the respective PCI standard to technically challenging workshops for your in-house specialists. The aim of every single workshop is to provide our clients with tailor-made information and knowledge on PCI requirements at all levels. Benefit from our many years of experience in projects for diverse client groups and sectors.
We can offer you a wide range of training courses which can be held at your company premises. These courses cover topics which are relevant for PCI certification, or, in most cases, may even be a prerequisite for successful certification. Examples of topics are awareness training and secure coding courses, for example. We also offer security training course which are tailored to your respective needs – simply get in touch to ask us about them.
During the deployment phase as well as throughout the year between reaudits, we advise and support our clients in all matters relating to PCI compliance. Use our consultants as competent sparring partners for clarification of compliance-related issues.
Do you need support with the deployment of new technologies or processes? We can advise you on understanding and adhering to the PCI requirements and how they impact the reimplementation or adaptation of existing systems and processes.