Tag Archives: Merchant

PCI DSS | PCI QSA Compliance Auditors, Assessors, Consultants for Alabama

Looking for high-quality, cost-effective PCI DSS compliance auditors, assessors, and consultants for Alabama businesses? Then contact the Payment Card Industry Data Security Standards (PCI DSS) experts at NDB Advisory today. With years of experience helping businesses navigate today’s ever-growing regulatory compliance laws and mandates, NDB Advisory – under the guidance of PCI-QSA Charles Denyer (1-800-277-5415 – ext. 706 | cdenyer@ndbcpa.com) – can get your Alabama business compliant in an efficient, comprehensive, and cost-effective manner. We’ve helped companies all throughout the Southeast – and North America – in becoming PCI DSS compliant, and we can help you also – call today and let’s discuss your needs.

If you are involved in the storing, processing, and/or transmitting of cardholder data, compliance with the Payment Card Industry Data Security Standards (PCI DSS) is a must – no exceptions. From helping organizations with the widely-known Self-Assessment Questionnaires to performing Level 1 onsite assessments as required by a Payment Card Industry Qualified Security Assessor (PCI-QSA), NDB is your “go to” firm when it comes to Alabama PCI compliance auditors, assessors, and consultants. We’ve helped numerous businesses in the state of Alabama, and can help you also.

It’s also important to note that one of the largest and most often overlooked areas of PCI compliance is documented operational and information security policies and procedures. Companies loathe developing them; what policies they do have in place are highly antiquated and outdated, and they never seem to find time to dedicate resources to such initiatives. We’ve spent years developing our own highly customized set of PCI DSS specific policies and procedures, and they’re available for you to use! Whatever your industry is – manufacturing, technology, healthcare – the experts at NDB can put together a comprehensive and cost-effective roadmap for PCI DSS compliance. Call and speak directly with our top PCI-QSA, Charles Denyer, at 1-800-277-5415, ext. 706, or email him at cdenyer@ndbcpa.com today for PCI compliance auditors, assessors, and consultants for Alabama.

PCI Qualified Security Assessor | PCI QSA | Call NDB Advisory

Looking for a PCI Qualified Security Assessor (QSA) who is cost-effective, has years of experience in performing these types of audits, and can assist your organization with all your PCI DSS needs? If so, then contact NDB Advisory, a nationally recognized boutique QSA firm specializing in PCI DSS assessments.

NDB Advisory offers a comprehensive, cost-effective and workable approach for meeting compliance with the Payment Card Industry Data Security Standards provisions. A structured PCI DSS Roadmap for compliance is undertaken to ensure your organization is fully aware of the scope of the assessment along with the time, efforts and internal commitments required of you.

NDB Advisory has conducted PCI DSS assessments for a large range of companies. Additionally, we have also worked with a number of smaller organizations who only have to "self assess" against the PCI DSS standards, but still needed the expert advice of a Qualified Security Assessor (QSA).

Additionally, you can email me directly at cdenyer@ndbcpa.com with any questions you may have regarding Payment Card Industry Data Security Standards (PCI DSS) compliance, and I will be more than happy to assist you in any way I can.

Good luck on PCI compliance.

PCI DSS | Industry Terminology you Should Know

If you are a merchant or service provider and the Payment Card Industry Data Security Standards (PCI DSS) provisions are being required for your organization, then take some time to learn about industry terminology that will ultimately give you a better grasp of the who, what, where and why of PCI DSS compliance.

  • Cardholder: This is the customer purchasing goods either as a "card present" or "card not present" transaction. The customer is the individual who receives the payment card and bills from the issuer.
  • Issuer: Bank or other organization issuing a payment card on behalf of a payment brand, such as MasterCard and Visa. Additionally, some payment brands issue cards DIRECTLY, such as American Express, Discover Card and JCB.
  • Merchant: The organization accepting the payment card for payment during a purchase.
  • Acquirer: This is the bank or entity that the merchant uses to process their payment card transactions. They essentially receive the authorization request from the merchant and forward it to the issuer for approval. The acquirer also provides authorization, clearing and settlement services to merchants. Lastly, the acquirer is also called a merchant bank, ISO, or a payment brand (AMEX, Discover, JCB), but NEVER Visa or MasterCard.

To learn more about the Payment Card Industry Data Security Standards (PCI DSS) provisions, visit the official PCI DSS Resource Guide.

PCI DSS Compliance Roadmap | What You Need to Know

A PCI DSS Compliance Roadmap should consist of a number of predefined phases that help ensure your organization (be it a merchant or a service provider) is able to become PCI DSS compliant in an efficient and cost-effective manner.

With that said, listed below are the three main phases that encompass your PCI DSS Compliance Roadmap:

  • Phase I: PCI DSS Readiness Assessment
  • Phase II: Remediation & Implementation for PCI DSS
  • Phase III: Assessment & Reporting for PCI DSS

To learn more about these three (3) phases, visit pciassessment.org, an informative and in-depth website developed by a leading Payment Card Industry Data Security Standards (PCI DSS) consulting firm, NDB Advisory.

Generally speaking, this roadmap is for Level I Merchants and Service Providers who have to undergo an actual on-site assessment by a PCI Qualified Security Assessor (QSA) as approved by the Payment Card Industry Security Standards Council (PCI SSC).

Author: Charles Denyer