Payment Card Industry - Data Security Standard (PCI DSS)

Overview

The PCI DSS (Payment Card Industry Data Security Standard) provides guidelines to organisations that process credit cards as to how they can prevent credit card fraud, cracking and other security vulnerabilities and threats by implementing best practice security in their infrastructure and processes.

We provide services to plan and implement the required PCI DSS controls that will meet the following high level requirements:

Build and Maintain a Secure Network
Protect Cardholder Data
Maintain a Vulnerability Management Program
Implement Strong Access Control Measures
Regularly Monitor and Test Networks

Gap Analysis

Teamwork will review the current situation against the PCI DSS standards to identify to what extent existing controls, policies and business processes are effectively implemented and what gaps are present and need to be addressed.

A detailed report identifies clearly what needs to be done and by whom, with appropriate timescales and recommendations for resources.

Implementation

Teamwork will provide consultancy support to improvement action owners in order to help them implement improvement actions in a pragmatic and timely manner. When required, Teamwork will provide expert technical advice and guidance on information security management issues.

Assessment

Teamwork assists customers to complete a PCI audit assessment of its compliance against the 12 Requirements in the DSS. A detailed report is generated to show where compliance exists and document recommendations where there is non-compliance.

Remediation

Not only does Teamwork make recommendations to correct any non-compliance, it also provides consultancy to ensure that remediation activities are carried out in an appropriate manner to ensure compliance.

Maintaining Compliance

Once compliance to the PCI DSS has been achieved, Teamwork can provide consultancy services under a managed service contract to help your organisation continue to comply with the requirements.