The Payment Card Industry Data Security Standard (PCI DSS) was created to ensure security and protect personal information for transactions processed via payment card. Any entity that processes, stores or transmits credit card data must comply with the standard. Failure to meet PCI DSS may result in fines from credit card companies and banks, and the inability to process credit card transactions.
Validation of compliance is required annually, and although all entities must be compliant, the reporting requirements may vary. For organisations handling large volumes of transactions, validation is done by an external PCI Qualified Security Assessor (QSA). For companies handling smaller volumes of transactions, validation is via a Self-Assessment Questionnaire (SAQ).
Backed by technology partners, methodologies, and consulting expertise, Southern Cross can offer your organisation best-practice security measures through comprehensive assessments, planning, and design consultation. Our PCI methodology is designed to follow the requirements outlined in the PCI Security Auditing & Reporting Procedures by the PCI Security Standards Council.
Southern Cross can offer collaborative services to:
- assist your organisation with strategic planning and readiness activities in preparation for PCI compliance
- educate your organisation about the PCI security standard and the respective PCI Compliance requirements (including self-assessment questionnaire, quarterly network vulnerability scanning and on-site audits)
- articulate the objectives, strategies and requirements for reporting to your executive management on PCI DSS requirements