What is a PCI DSS Audit?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that ensure all organisations process information and maintain a secure environment. The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council.
Applicability
Any business that processes credit and debit card payments must comply with the strict PCI DSS requirements for all functionality related to card data.
Objective
The objectives of PCI DSS Audit are as follows:
- Ensure firewall configuration is maintained to protect all cardholder information.
- Protect cardholder data from malicious attacks.
- Encrypt cardholder data when it is transmitted through open or public networks.
- Regularly test and ensure that security systems are up to date.
- Maintain policies that address information security issues for all personnel.
Approach
Our approach is organised into 5 phases:
Phase 1: Understand Business Process
Phase 2: Identify Gaps
Phase 3: Controls Design & Implementation
Phase 4: Controls Evaluation
Phase 5: Certification
Invite certification agency for the certification audit
Why CyberSRC®?
Established in January 2018, CyberSRC® Consultancy offers a full range of cyber security services, from threat intelligence and VMS to general advisory services in areas of cyber security such as vulnerability attacks, compliance, and cyber security regulations and laws. We conduct system audits such as ISNP Audits, NBFC Audits, UCB Audits, PPI Audits, and SEBI Audits. We provide our solutions with better accountability. We are a certified assurance firm. We are an ISO 27001 certified organization, backed by a very diverse and dynamic team.