Author Archives: Sonia Fuller

PCI QSA Compliance Consultant, Auditor Oklahoma City, OK (OKC) | Boomer Sooner!

PCI-QSA compliance consultants for the metropolitan Oklahoma City region are offered by NDB Advisory, a nationally recognized PCI DSS consulting firm. Call and speak with NDB’s senior PCI-QSA at 1-800-277-5415, ext. 706, or email him directly at info@pciassessment.org to learn more about our services offered. Compliance with the Payment Card Industry Data Security Standards is mandatory for any organization involved in the storage, processing, and/or transmission of cardholder data. Additionally, compliance with PCI can be incredibly taxing, both operationally and financially, all the more reason for finding a highly experienced, well-qualified PCI-QSA, such as NDB Advisory. NDB’s PCI services for the greater Oklahoma City region include the following:

  • PCI Gap Analysis and Readiness Assessments.
  • Level 1 Onsite Assessments.
  • Assistance with PCI DSS Self-Assessment Questionnaires (SAQ A – D).
  • Assistance with filing all administrative documents as mandated by the major payment brands and other in-scope entities.
  • Penetration testing and vulnerability assessments.

Storing, processing, and/or transmitting cardholder data means PCI DSS compliance is a strict mandate, no exceptions. From offering readiness assessments to Level 1 onsite audits – and much more – the trusted PCI experts at NDB Advisory are ready to help all businesses in the greater OKC metro area and all others in the Sooner State! Save time and money by hiring PCI QSA compliance auditors and consultants that know Oklahoma businesses. Call and speak with a PCI-QSA today regarding PCI-QSA compliance consultants for the metropolitan Oklahoma City region.

PCI DSS Auditor Philadelphia, PA, King of Prussia, Main Line, Jersey | Fixed Fees

PCI DSS auditor services for the greater Philadelphia, PA area are offered by the PCI DSS experts from NDB Advisory. Under the direction of our senior PCI-QSA, NDB Advisory offers comprehensive, high-quality, yet cost-effective PCI DSS compliance services. The Payment Card Industry Data Security Standards (PCI DSS) are without question some of the most challenging and time-consuming compliance mandates facing businesses throughout the globe – no question about it – what’s needed are experienced, highly-trained PCI compliance specialists. If you’re looking for PCI DSS auditor services for the greater Philadelphia area, call a PCI-QSA today at 1-800-277-5415, ext. 706. NDB has one of the industry’s longest licensed QSAs, having worked for years in helping clients achieve PCI DSS compliance quickly and cost-effectively. Notable PCI DSS auditor services for the greater Philadelphia, PA area from NDB Advisory include the following:

  • PCI DSS Readiness Assessments and Gap Analysis procedures.
  • Penetration testing and vulnerability scanning.
  • Technical and operational remediation and assistance.
  • Level 1 onsite reporting as mandated by an actual PCI-QSA.
  • Administrative assistance with filing of all necessary documents for VISA, MasterCard, and any other entities.
  • And any other as-needed PCI DSS auditor services for the greater Philadelphia, PA area.

Merchants, service providers, and any other type of business that stores, processes, and/or transmits cardholder data must become compliant with the Payment Card Industry Data Security Standards – no exceptions. The challenge is finding high-quality, well-trained, and cost-conscious PCI DSS auditor services for the greater Philadelphia, PA area. That search is over with the PCI-QSAs of NDB Advisory. Contact us today at 1-800-277-5415, ext. 706.

PCI DSS QSA Los Angeles & San Diego | Fixed Fees | 800-277-5415, ext. 706

Call a Los Angeles & San Diego PCI DSS QSA today at 1-800-277-5415, ext. 706, or email us at info@pciassessment.org to learn more about NDB Advisory’s comprehensive, high-quality, and cost-effective PCI DSS services for both merchants and service providers in the Southern California area. The Payment Card Industry Data Security Standards – simply known as PCI DSS to many – are growing larger in scope each year, ultimately requiring any business that stores, processes, and/or transmits cardholder data to become compliant. What’s needed is an experienced and knowledgeable PCI DSS QSA, which is what NDB offers.

  • PCI DSS Readiness Assessments and Gap Analysis findings and procedures.
  • Penetration testing and vulnerability scanning.
  • Administrative assistance with filing all necessary documents with the major payment brands.

Call a PCI-QSA today at 1-800-277-5415, ext. 706 for trusted, proven, and cost-effective PCI DSS QSA assessments for Los Angeles, San Diego, Orange County, and all other areas within Southern California.  Merchants and service providers storing, processing, and/or transmitting cardholder data must become PCI DSS compliant.

The PCI DSS compliance requirements are arguably the most well-known set of mandates facing businesses throughout North America – and the entire globe – all the more reason to find a trusted and proven provider for helping get your business compliant in an efficient, comprehensive, and cost-effective manner.

Denver PCI QSA Auditor & Consultant | Fixed Fees | Call 1-800-277-5415 ext. 706

In need of Denver PCI QSA auditor & consultant services – somebody with years of PCI DSS experience – then call a PCI-QSA today at 1-800-277-5415, ext. 706, or email us at info@pciassessment.org. NDB has highly experienced staff on board that have assisted clients all throughout Colorado – and the United States – for PCI DSS compliance. From merchants to service providers, and any other business in the Denver, CO area (Boulder, Fort Collins, Golden) requiring high-quality and cost-effective services, trust NDB Advisory, who offers the following PCI DSS services:

  • PCI DSS gap analysis reporting and readiness assessments.
  • Penetration testing and vulnerability scans.
  • Level 1 Onsite PCI DSS Assessments.
  • PCI technical, operational, and security remediation.
  • Administrative filing of required documentation with all major card brands.

PCI compliance doesn’t have to be a tedious, expensive, and time-consuming process, all the more reason to contact a Denver PCI QSA auditor & consultant today and get started with an efficient, yet comprehensive PCI compliance program. Remember, if you store, process, and/or transmit cardholder data, then being compliant with the Payment Card Industry Data Security Standards is a must – so call a Denver PCI QSA auditor & consultant today. From small merchants to large multi-national service providers, NDB Advisory has put in place comprehensive and cost-effective compliance solutions, saving businesses tens of thousands of dollars and hundreds of operational man-hours.

Atlanta PCI Consulting | QSA | Fixed Fees | Experienced Auditors

Atlanta PCI consulting services consisting of highly experienced Payment Card Industry Qualified Security Assessors (PCI-QSA) are offered by NDB Advisory, an approved PCI-SAC organization offering Level 1 onsite assessments led by a trusted PCI-QSA.  Our PCI-QSA and his capable and highly experienced staff have conducted numerous PCI engagements for dozens of different industries and business sectors, offering comprehensive and cost-effective solutions.  Specifically, NDB Advisory also provides the following services for Atlanta businesses regarding Payment Card Industry Data Security Standards (PCI DSS) compliance:

  • PCI DSS Gap Analysis and Readiness Assessments.
  • Level 1 Onsite reporting as mandated by an actual PCI-QSA.
  • Penetration testing and vulnerability assessments.
  • Administrative reporting and filing of all necessary documentation with all major payment brands as required for PCI DSS compliance and validation.

As for NDB’s Atlanta PCI consulting, we’re into helping merchants, service providers and any other organization that works with cardholder data to get compliant – comprehensively, efficiently, and in a cost-effective manner. That means having all your ducks aligned – figuratively speaking – such as operational and information security policies and procedures, securely hardening and configuring system components, well-documented risk assessment processes and procedures, and much more. Compliance can be tricky and time-consuming, all the more reason for using the trusted experts at NDB Advisory, your Atlanta PCI consulting experts.  Call and speak with a PCI-QSA today at 1-800-277-5415, ext. 706, or email us at info@pciassessment.org. 

Businesses in Atlanta are being inundated with regulatory compliance mandates – PCI DSS compliance being one of the most widespread, affecting thousands of organizations throughout the state of Georgia. Your solution for comprehensive and cost-effective PCI DSS compliance is the trusted experts at NDB Advisory. Call and speak with a PCI-QSA today at 1-800-277-5415, ext. 706, or email us at info@pciassessment.org. You’ll find our PCI-QSA and his Atlanta team of professionals at NDB Advisory to be highly knowledgeable, competent, and extremely well-versed on all important issues regarding compliance with the Payment Card Industry Data Security Standards (PCI DSS) mandates.

PCI DSS | PCI QSA Compliance Auditors, Assessors, Consultants for Alabama

Looking for high-quality, cost-effective PCI DSS compliance auditors, assessors, and consultants for Alabama businesses? Then contact the Payment Card Industry Data Security Standards (PCI DSS) experts at NDB Advisory today. With years of experience helping businesses in today’s ever-growing regulatory compliance laws and mandates, NDB Advisory – under the guidance of PCI-QSA Charles Denyer (1-800-277-5415 – ext. 706 | cdenyer@ndbcpa.com) – can get your Alabama business compliant in an efficient, comprehensive, and cost-effective manner. We’ve helped companies all throughout the Southeast – and North America – in becoming PCI DSS compliant, and we can help you also – call today and let’s discuss your needs.

If you are involved in the storing, processing, and/or transmitting of cardholder data, compliance with the Payment Card Industry Data Security Standards (PCI DSS) is a must – no exceptions. From helping organizations with the widely-known Self-Assessment Questionnaires to performing Level 1 onsite assessments as required by a Payment Card Industry Qualified Security Assessor (PCI-QSA), NDB is your “go to” firm when it comes to Alabama PCI compliance auditors, assessors, and consultants. We’ve helped numerous businesses in the state of Alabama, and can help you also.

It’s also important to note that one of the largest and most often overlooked areas of PCI compliance is documented operational and information security policies and procedures.  Companies loathe developing them, what policies they do have in place are highly antiquated and outdated, and they never seem to find time in dedicating resources to such initiatives.  We’ve spent years developing our own highly customized set of PCI DSS specific policies and procedures, and they’re available for you to use!  Whatever your industry is – manufacturing, technology, healthcare – the experts at NDB can put together a comprehensive and cost-effective roadmap for PCI DSS compliance.  Call and speak directly with our top PCI-QSA, Charles Denyer, at 1-800-277-5415, ext. 706, or email him at cdenyer@ndbcpa.com today for PCI compliance auditor, assessor and consultants for Alabama.

PCI Compliance Auditor | Consultant | South Carolina | Fixed Fees

Call NDB Advisory today for PCI compliance auditor and consultant services for South Carolina businesses consisting of Level 1 onsite assessments, penetration testing, vulnerability scanning, information security policy and procedure writing, along with numerous other supporting practices. South Carolina businesses that store, process, and/or transmit cardholder data are required to undertake compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions. Easier said than done – however – as PCI DSS compliance can be taxing, arduous and costly – all the more reason to call PCI-QSA Charles Denyer of NDB Advisory at 1-800-277-5415, ext. 706 or email him directly at cdenyer@ndbcpa.com today.

Because PCI DSS compliance is without question one of the most far-reaching and widespread regulatory compliance initiatives around the world, businesses need to depend on a proven and trusted source for helping them achieve compliance in a comprehensive, efficient, and cost-effective manner.  With years of PCI experience under his belt – PCI-QSA Charles Denyer and his staff at NDB Advisory can get the job done for you.  From conducting an initial PCI DSS Readiness Assessment to developing much needed information security policies and procedures, along with performing the actual audits, NDB Advisory is your “go-to” firm for PCI compliance auditor and consultant services for South Carolina.

In summary, NDB's PCI compliance auditor and consultant services for today's South Carolina businesses consist of the following:

  • PCI DSS Gap Analysis findings and Readiness Assessments.
  • PCI specific policy and procedure writing along with general information security policy and procedure writing.
  • Network layer and application layer penetration testing.
  • Internal and external vulnerability assessments.
  • Level 1 onsite Report on Compliance (RoC) assessments as conducted by a Payment Card Industry Qualified Security Assessor (PCI-QSA).
  • Administrative filing of the RoC and all other documentation with the major payment brands, such as VISA and Mastercard, and any other relevant parties.
  • Ongoing, quarterly compliance services for both merchants and service providers.

Call and speak today with PCI-QSA Charles Denyer at 1-800-277-5415, ext. 706 or email him at cdenyer@ndbcpa.com.

PCI DSS QSA Auditor for Atlanta, GA | Competitive, Fixed Fees | Call Today

Seeking a high-quality PCI DSS QSA auditor for Atlanta, GA to help your organization become compliant with the Payment Card Industry Data Security Standards (PCI DSS) provisions? Then contact PCI-QSA Charles Denyer of NDB Advisory at 1-800-277-5415, ext. 706, or email him directly at cdenyer@ndbcpa.com. Charles is one of the industry's longest licensed QSAs, having performed numerous Level 1 onsite assessments for various companies and industries throughout North America. What's more, he can provide your organization with a competitively priced, fixed-fee engagement, along with providing a large number of supporting PCI DSS compliance resources, such as policies and procedures – and much more. PCI-QSA Charles Denyer and NDB Advisory of Atlanta offer the following services regarding Payment Card Industry Data Security Standards (PCI DSS) compliance:

  • PCI DSS Readiness Assessments | Gap Analysis findings.
  • PCI Policy and Procedure writing services, with our industry leading, internally developed PCI policies and procedures.
  • Internal and external penetration testing, along with network layer and application layer penetration testing.
  • Administrative assistance with filing all necessary documentation with all major card brands, such as filing the Report on Compliance (RoC) with VISA for acceptance onto their master global service list.

Merchants and service providers – which essentially consist of millions of businesses throughout North America – are having to roll up their sleeves and get serious about compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions.  Trust the highly competent and well-skilled experts at NDB Advisory for helping you every step of the way, from initial PCI DSS readiness assessments and gap analysis findings to performing Level 1 onsite assessments.  NDB Advisory also provides much-needed PCI policy and procedure writing services with our highly customized templates.  NDB Advisory – your PCI DSS QSA auditors for Atlanta, GA.

Whatever your industry, PCI-QSA Charles Denyer and his staff at NDB Advisory have the skills and PCI “know-how” to get it done, all in a cost-effective manner. Call Charles Denyer today at 1-800-277-5415, ext. 706 or email him at cdenyer@ndbcpa.com to learn more about our PCI DSS QSA auditor services for Atlanta, GA.

8 PCI Compliance Requirements Every Business Needs to Know About

PCI compliance requirements are affecting virtually every industry and business sector, ultimately requiring organizations to undergo extensive measures for ensuring adherence to the Payment Card Industry Data Security Standards (PCI DSS) provisions. It’s thus important for merchants, service providers, and all other entities involved in the storage, processing, and/or transmission of cardholder data to understand what PCI compliance really means, that is, the “who, what, when, where, and why” of this ever-growing and expanding framework.  Charles Denyer, a noted Payment Card Industry Qualified Security Assessor (PCI-QSA), discusses the following 8 PCI compliance requirements that every business should know about:

1. Compliance is mandatory – Are you an organization that stores, processes, and/or transmits cardholder data, or have some type of credible nexus with such cardholder data? If so, then welcome to the world of PCI DSS compliance, which seems to be growing and expanding more and more.  For purposes of PCI, organizations are identified as either merchants or service providers, and along with these designations come varying compliance requirements, ranging from onsite assessments by a Payment Card Industry Qualified Security Assessor (PCI-QSA) to self-assessment procedures via the Self-Assessment Questionnaires (SAQ) available from the PCI Security Standards Council (PCI SSC).  

2. Policies and Procedures are a Must – One of the biggest mistakes I see as a PCI-QSA is merchants and service providers failing to understand the fundamental importance of having documented policies and procedures in place for PCI compliance. Sure, there are many technical requirements that must be met – no question about it – but the policy requirements can be just as arduous and taxing to complete. I recommend finding high-quality PCI compliance policies, such as those provided by pcipolicyportal.com.

3. Quarterly Scanning – Compliance with PCI for all merchants and service providers (regardless of transaction level) also consists of quarterly network scans, also known as "vulnerability scans", and it requires them to undergo both internal and external network scans. And for initial PCI DSS compliance, four (4) passing quarterly scans are NOT required, but it is a strict requirement thereafter. Additionally, scans are to be conducted by an Approved Scanning Vendor, known as an ASV, which is an organization ultimately approved by the Payment Card Industry Security Standards Council (PCI SSC) for conducting scans. Lastly – and this is important to note – internal and external scans are to be performed after any "significant" changes. What is "significant" – that's a question to discuss with a PCI-QSA, such as me, so give me a call if you have any questions at 1-800-277-5415, ext. 706.

4. Penetration Testing – PCI compliance requirements also include penetration testing, which is detailed in Requirement 11 of the actual Payment Card Industry Data Security Standards. In short, organizations will need to conduct a comprehensive pen test, which includes both external and internal tests, both from a network layer and application layer perspective.

5. Report on Compliance – If it’s an onsite assessment that’s required for your organization, then you’ll need to contact a Payment Card Industry Qualified Security Assessor (PCI-QSA), such as myself (Charles Denyer | 1-800-277-5415, ext. 706 | cdenyer@ndbcpa.com).  The end deliverable for an onsite assessment is known as the Report on Compliance, or “RoC” as it’s called in the industry.

6. SAQ vs. Onsite Assessments – The vast majority of merchants and service providers can meet PCI compliance via the self-assessment process, which essentially means completing a “Self-Assessment Questionnaire” and the accompanying Attestation of Compliance (AoC). However, a small, but growing number of organizations still require onsite assessments by an actual PCI-QSA.  The SAQ vs. Onsite Assessments are apples vs. oranges – very different in many ways – with costs being one of the most important to note.

7. If you process, store or transmit cardholder data, you’re in scope for PCI compliance – It’s really that simple and clear-cut. If you are involved in working with cardholder data in any way, then PCI compliance will surely be something to discuss amongst your organization.  Not only is non-compliance not a good idea, but your customers and other entities are starting to demand it now, more than ever before.  And this holds true especially for service providers, who are now being required to undertake compliance via SAQ D, or with an actual onsite assessment by a Payment Card Industry Qualified Security Assessor (PCI-QSA), such as Charles Denyer of NDB Advisory (cdenyer@ndbcpa.com | 1-800-277-5415, ext. 706).

8. PCI is a moving target – Forget about the "one and done" notion – compliance with the PCI DSS provisions requires a constant commitment, so just remember that.

PCI Compliance Atlanta GA | QSA Onsite Assessments, Audits, Consulting | Fixed Fees

As a trusted PCI compliance advisor to Atlanta, GA businesses, NDB Advisory provides QSA onsite assessments, audits, and consulting services to both merchants and service providers, along with any organizations involved in processing, storage, and transmission of cardholder data. It’s a PCI world out there – and that’s putting it lightly – as almost every type of business is being highly affected by the Payment Card Industry Data Security Standards (PCI DSS) provisions. From Level 1 onsite assessments to specialized consulting for Self-Assessment Questionnaire (SAQ) compliance, NDB and the trusted team of PCI compliance experts led by PCI-QSA Charles Denyer can help Atlanta businesses get compliant and stay compliant, all in an efficient and transparent manner.

As for NDB Advisory’s PCI DSS compliance services for Atlanta, GA, they include the following:

  • PCI DSS Readiness Assessments and Gap Analysis findings.
  • Level 1 onsite assessments performed by Payment Card Industry Qualified Security Assessors (PCI-QSA).
  • Remediation (both operational and technical).
  • Policy and procedure writing services for the numerous documents required to be in place for PCI DSS compliance.
  • Penetration Testing (both network and application layer).
  • Vulnerability Assessments (both internal and external).
  • Strategy and consulting services for all other related PCI DSS issues.

In summary, NDB Advisory’s Atlanta, GA PCI DSS compliance services include much more than just assessments – we provide a comprehensive set of solutions for today’s complex and demanding Georgia businesses. Give PCI-QSA Charles Denyer a call at 1-800-277-5415, ext. 706, or email him directly at cdenyer@ndbcpa.com.