Payment Card Industry (PCI) QSA Services 

Whether you are a level one or level four retailer, financial institution, hospital, restaurant, hotel, e-merchant, or using a third party payment provider, if your organization accepts, acquires, transmits, processes, or stores data that contains payment card information, you MUST protect the confidentiality, integrity, and privacy of that data according to the requirements of PCI Data Security Standard (PCI DSS). Members, merchants, and service providers who do not adhere to the PCI DSS are at risk of losing processing privileges or significant fines (up to $500,000) for each incident. The requirements for merchants vary, based on the number of payment card transactions processed per year.

The SMP Solution Security Management Partners is one of a preferred group of organizations certified as a Qualified Security Assessor (QSA) of the Payment Card Industry Security Standards Council. Any PCI engagement with SMP will help to ensure that your organization achieves compliance with PCI Data Security Standard (PCI DSS) through assessment prevention, detection, remediation and finally, if necessary, certification via a written letter of compliance (ROC) detailing your company’s information and network security.

The PCI Certification Engagement 

Security Management Partners’ PCI engagement focuses on assessment, remediation, and certification of our client’s information assets and network security. Our comprehensive team approach aligns your business units with your technology needs according to the PCI Security Audit and Reporting Procedures. Each card brand has a few unique requirements of their own for compliance.

Here is a brief overview of the key steps included in the SMP PCI certification engagement process:

  1. Scope and define project plan
  2. Sampling
  3. Conduct gap analysis
  4. Verifying controls
  5. Complete report (either ROC or assist with SAQ)