Payment Card Industry Compliance

Any business that stores, processes or transmits cardholder data is responsible for ensuring that they achieve and maintain compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). The DSS defines requirements for the protection of consumers' payment card information while stored, in transit or during processing. Organizations that fail to comply with the PCI DSS potentially face significant fines, loss of customer goodwill, and may lose the ability to accept credit cards for payment.

PCI Qualified Security Assessor and Approved Scanning Vendor

Each payment card brand assigns merchants and service providers with a 'level', based on the organization's annual volume of payment card transactions. While every merchant and service provider must comply with all applicable requirements in the DSS, reporting requirements differ by 'level'. Organisations of all levels are required to have quarterly external network scans performed by an Approved Scanning Vendor (ASV). Additional reporting requirements include either the completion of a Self-Assessment Questionnaire or an onsite audit performed by a Qualified Security Assessor (QSA). 

As a PCI Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV), Infosec Partners helps clients meet and maintain PCI compliance. Our PCI services are designed to meet your specific requirements, with sustainable solutions to reduce the overall cost of compliance.