Tag Archives: pci dss

PCI DSS QSA Auditor for Atlanta, GA | Competitive, Fixed Fees | Call Today

Seeking a high-quality PCI DSS QSA auditor for Atlanta, GA to help your organization become compliant with the Payment Card Industry Data Security Standards (PCI DSS) provisions? Then contact PCI-QSA Charles Denyer of NDB Advisory at 1-800-277-5415, ext. 706, or email him directly at cdenyer@ndbcpa.com. Charles is one of the industry's longest-licensed QSAs, having performed numerous Level 1 onsite assessments for various companies and industries throughout North America. What's more, he can provide your organization with a competitively priced, fixed-fee engagement, along with a large number of supporting PCI DSS compliance resources, such as policies and procedures – and much more. PCI-QSA Charles Denyer and NDB Advisory of Atlanta offer the following services regarding Payment Card Industry Data Security Standards (PCI DSS) compliance:

  • PCI DSS Readiness Assessments | Gap Analysis findings
  • PCI Policy and Procedure writing services, with our industry-leading, internally developed PCI policies and procedures.
  • Internal and external penetration testing, along with network layer and application layer penetration testing.
  • Administrative assistance with filing all necessary documentation with all major card brands, such as filing the Report on Compliance (RoC) with VISA for acceptance onto their master global service list.

Merchants and service providers – which essentially consist of millions of businesses throughout North America – are having to roll up their sleeves and get serious about compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions. Trust the highly competent and well-skilled experts at NDB Advisory to help you every step of the way, from initial PCI DSS readiness assessments and gap analysis findings to performing Level 1 onsite assessments. NDB Advisory also provides much-needed PCI policy and procedure writing services with our highly customized templates. NDB Advisory – your PCI DSS QSA auditors for Atlanta, GA.

Whatever your industry, PCI-QSA Charles Denyer and his staff at NDB Advisory have the skills and PCI “know-how” to get it done, all in a cost-effective manner. Call Charles Denyer today at 1-800-277-5415, ext. 706 or email him at cdenyer@ndbcpa.com to learn more about our PCI DSS QSA auditor services for Atlanta, GA.

 

 

PCI DSS | Industry Terminology you Should Know

If you are a merchant or service provider and your organization is required to comply with the Payment Card Industry Data Security Standards (PCI DSS) provisions, then take some time to learn the industry terminology that will ultimately give you a better grasp of the who, what, where and why of PCI DSS compliance.

  • Cardholder: This is the customer purchasing goods either as a "card present" or "card not present" transaction. The customer is the individual who receives the payment card and bills from the issuer.
  • Issuer: Bank or other organization issuing a payment card on behalf of a payment brand, such as MasterCard and Visa. Additionally, some payment brands issue cards DIRECTLY, such as American Express, Discover Card and JCB.
  • Merchant: The organization accepting the payment card for payment during a purchase.
  • Acquirer: This is the bank or entity that the merchant uses to process its payment card transactions. It essentially receives the authorization request from the merchant and forwards it to the issuer for approval. The acquirer also provides authorization, clearing and settlement services to merchants. Lastly, the acquirer may also be called a merchant bank, an ISO, or a payment brand (AMEX, Discover, JCB), but NEVER Visa or MasterCard.

To learn more about the Payment Card Industry Data Security Standards (PCI DSS) provisions, visit the official PCI DSS Resource Guide.

Requirements of Service Provider | PCI DSS Service Provider Levels

Requirements of Service Providers for Payment Card Industry Data Security Standards (PCI DSS) compliance are as follows:

VISA (Levels 1 to 3):

  • Annual onsite review by QSA
  • Quarterly network scan by ASV
  • Annual Self-Assessment Questionnaire
    (Canada: SAQ required and must be reviewed by QSA)

American Express (AMEX):

  • Annual on-site review by QSA (or internal auditor if signed by officer of merchant company)
  • Quarterly network scan by ASV

Discover:

Quarterly network scans by ASV AND one of the following:

  • Annual on-site review by QSA (or internal auditor if signed by officer of Service Provider)
  • Annual self-assessment questionnaire

JCB:

  • TPP validation requirements will be outlined in forthcoming JCB rules and regulations.

MasterCard:

  • Level 1 SPs: Annual on-site review by QSA AND Quarterly network scan by ASV
  • Level 2 SPs: Annual self-assessment questionnaire AND Quarterly network scan.

To learn more about Payment Card Industry Data Security Standards (PCI DSS) compliance, visit the official PCI DSS Resource Guide.

PCI Qualified Security Assessors (QSA) | Call NDB Advisory

Looking for a quality, cost-effective PCI DSS Qualified Security Assessor (QSA)? If so, then contact NDB Advisory, as we have years of experience in working with the PCI DSS compliance framework. What's more, we understand where the roadblocks can be and what it takes to eliminate the costly and time-consuming issues that stand in the way of PCI DSS compliance for merchants and service providers.

NDB Advisory is a nationally recognized boutique consulting firm specializing in Payment Card Industry Data Security Standards (PCI DSS) compliance for merchants and service providers. We specialize in Level I Report on Compliance (ROC) assessments and we can help you every step of the way. From writing policies and procedures to the issuance of the final ROC report, let us help you obtain PCI DSS compliance in a cost-effective manner.

To learn more about us, visit pciassessment.org, a comprehensive site dedicated to all aspects of PCI DSS compliance for merchants and service providers alike.