PCI Compliance


The PCI Security Standards Council (SSC) developed the PCI DSS in 2004 to respond to alarming growth in credit card fraud. PCI DSS provides a baseline of technical and operational requirements designed to protect account data. All organizations involved with payment card processing, including merchants, acquirers, issuers, and service providers, must comply with PCI DSS.

The PCI DSS comprises 12 requirements, which provide consistent data security controls for secure payment environments. These controls apply to all organizations that store, process, or transmit payment cardholder data, and to organizations that can impact the security of the cardholder data environment (CDE).

Whether your organization is a large enterprise, service provider, or merchant, CyberGuard Compliance offers a comprehensive suite of services to help you achieve and continuously maintain PCI compliance.

PCI Compliance Services

Our Qualified Security Assessors (QSA) and information security experts have developed an industry-leading suite of services for PCI compliance. The services are designed to support one another and our clients through an integrated compliance methodology. CyberGuard Compliance PCI compliance services include:

  • Level 1 Assessments: CyberGuard Compliance QSAs leverage our industry-leading methodology to deliver a full Report on Compliance (ROC) and Attestation of Compliance (AOC).
  • Self-Assessment Questionnaire (SAQ): Level 2, 3, and 4 merchants and service providers are required to complete an SAQ each year. CyberGuard Compliance PCI experts provide guidance, clarification, and assistance with complying with requirements and completing the SAQ for your organization.
  • Web Application Testing: Annual web application testing addresses testing and reporting requirements in PCI DSS Requirement 6.6.
  • Vulnerability Scanning: Quarterly vulnerability scans from an Approved Scanning Vendor (ASV) address scanning and reporting requirements in PCI DSS Requirement 11.2.
  • Penetration Testing: Annual penetration testing addresses testing and reporting requirements in PCI DSS Requirement 11.3.
  • Remediation Services: CyberGuard Compliance offers a wide range of remediation services, including policy and procedures development, technical solutions design, project management, and third-party vendor solutions to key PCI DSS Requirements.