Compliance Services
PSC is a leading PCI Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV) and one of an elite few companies qualified globally to provide expert services and solutions to organizations that require specialist compliance or consulting support in the areas of Payments, Security or Compliance.
To ensure independence, PSC does not represent, resell or receive commissions from any third-party hardware, software or solutions vendors.
Payment Card Industry Data Security Standard (PCI DSS)
The PCI DSS aligns the Visa International Account Information Security (AIS) program, the Visa USA Cardholder Information Security Program (CISP), the MasterCard Site Data Protection (SDP) program, the American Express Data Security Operating Policy (DSOP) and Discover Information Security and Compliance (DISC), streamlining requirements, compliance criteria and validation processes.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the standard are organized:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
Find out more about PCI DSS Services
Payment Application Data Security Standard (PA-DSS)
The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI Data Security Standard (PCI DSS).
Find out more about PA DSS Services
Penetration Testing
The purpose of penetration testing is to footprint, enumerate and potentially exploit vulnerabilities in web application(s) and network infrastructure using automated tools and manual mechanisms, above and beyond what simple automated scanning tools can achieve.
Network and application penetration tests are different from vulnerability scans in that penetration tests are more manual. They attempt to actually exploit some of the vulnerabilities identified in scans, and follow practices used by hackers to take advantage of weak security systems or processes.
Find out more about Penetration Testing Services
Vulnerability Scanning
Security scans assist in the identification of vulnerabilities and misconfigurations in web sites, applications, and information technology (IT) infrastructures with Internet-facing IPs.
Find out more about Vulnerability Scanning Services
Training
Training has become increasingly important for any organization wishing to obtain certification to any standard (PCI, ISO, AICPA, etc.). PSC offers a wide range of training solutions individually tailored to the organization's needs. Training is provided at the organization's offices or online and is targeted specifically to that organization's employee requirements.
Find out more about Training Services
Policies & Procedures Documentation
Development and implementation of a comprehensive documentation set is vital for any organization that wishes to achieve compliance. PSC offers a range of documentation products for all compliance targets, completely customizable for any size of organization.
Find out more about Policies & Procedures Documentation Services
PCI PIN/PED Review
PCI PED has been introduced to minimize the risk profile inherent in card transactions. The PCI PED Security Requirements contain physical and logical security device requirements for both online and offline PIN entry devices (PED), as well as device management requirements for activity prior to initial key loading. PCI PED applies to manufacturers that sell PIN pads and terminals with internal PIN pads.
Find out more about PIN/PED Review Services
International Standards
PSC staff has direct experience in the readiness and assessment of important international standards, including:
- ISO 27001
- ISO 9000
- ISO 9564
Find out more about International Standards Services
Government Criteria
- HIPAA - Health Insurance Portability and Accountability Act data security requirements
- SOX - Sarbanes-Oxley and corporate governance related to information security
- GLBA - Gramm-Leach-Bliley Act
- European Union Data Directive
Find out more about Government Criteria
Assurance Specialist for Accounting Firms
As qualified specialists in information security and electronic payment systems, PSC is uniquely capable of assisting public audit firms with readiness and fieldwork during assurance engagements, including:
- SAS No. 70 Type I and Type II
- AICPA trust services, including SysTrust, WebTrust and WebTrust CA
- Note: A licensed accounting firm must be involved in these engagements. PSC works as a technical specialist to help clients prepare for these audits and to aid the accounting firm, given our technical expertise in payment systems and security.
Find out more about Assurance Specialist Services