service

PCI QSA

As Qualified Security Assessors (QSA), CipherTechs has been qualified by the Payment Card Industry (PCI) Security Council to independently assess compliance to the PCI Data Security Standard (DSS) standard.

A CipherTechs QSA is qualified to perform a PCI gap analysis to assist an organization getting started in accepting credit cards or a PCI Audit for a Report on Controls (RoC) to submit to their processor or bank and even assistance in completing and attesting to a PCI Self-Assurance Questionnaire (SAQ). CipherTechs QSAs are available for onsite or remote support during assessments and audits.

Who is it for

Any organization who needs a starting point to review current security processes and controls for processing credit cards to meet PCI DSS or the formalized audit to submit to the organization’s processor or bank for their annual certification.

How is it performed

CipherTechs QSAs establishing the timeline for completion of annual certification or gap analysis and understands the business model for processing credit cards, then the QSA conducts a series of interviews with the client personnel in charge of IT operations, cyber security, application developers, and call centers to gather evidence and observe the organization following their documented controls. It may also be necessary to bring in other stakeholders for new hire, terminations, and third-party processes to meet PCI DSS compliance. A formalized report, RoC, or SAQ will be delivered as the final deliverable, with any requested follow up.

CipherTechs also offers many of the key independent third-party services including:

  • PCI Quarterly Scans
  • Annual External Penetration Test
  • Annual Internal Penetration Test
  • PCI Web Application Test
  • PCI Risk Assessment

CipherTechs can also assist in the development or customization of many of the assorted policies and procedures in PCI DSS requirement.

CipherTechs can also assist in the development or customization of many of the assorted policies and procedures in PCI DSS requirement 12CipherTechs QSA auditors can also prepare EI3PA reports to verify that that customers are properly safeguarding Experian credit bureau data.