PCI DSS Certification Support / Examination Service

Supporting efficient certification by utilizing QSA perspective

Service Overview
PCI DSS (Payment Card Industry Data Security Standard) is a standard implemented in order to protect credit card and transaction information.
Business entities that deal with credit card information, such as member stores and payment agencies, are required to comply with PCI DSS and to meet 12 conditions regarding network security, protection of cardholder data, vulnerability management, access control and information security policy.
PCI Data Security Standards - Overview
Safe network, system structure, and maintenance
  1. Install and maintain a firewall to protect cardholder data.
  2. Do not use default values for system passwords and other security parameters.
Protection of cardholder data
  3. Protect stored cardholder data.
  4. Encrypt cardholder data transmitted via a public network.
Vulnerability control program maintenance
  5. Protect all systems against malware and update anti-virus software regularly.
  6. Develop and protect safe systems and applications.
Effective access control method introduction
  7. Limit access to cardholder data to the range required to carry out business.
  8. Identify and confirm access to system components.
  9. Limit physical access to cardholder data.
Regularly monitor and test the network
  10. Track and monitor all access to network resources and cardholder data.
  11. Test security systems and processes regularly.
Information Security Policy Maintenance
  12. Maintain policy regarding information security for every director.
Infosec effectively and efficiently supports status analysis and compliance work from a Qualified Security Assessor (QSA) standpoint.
Services Available/Menu (1)
■Status Analysis Service
  • Status assessment
    We identify the scope of PCI DSS compliance by fully mapping the systems that store, process, and transmit cardholder data and the paths over which transaction data is forwarded.
  • Gap analysis
    We review the current state of your system through consultation, check sheets, document review, and field validation to determine where required standards are not met within the scope of application.
  • Improvement project planning
    We assess and prioritize problem areas, and come up with improvement projects which include policies, periods and expenses based on results of the gap analysis.
Services Available/Menu (2)
■Compliance Support Service
  • Improvement/countermeasure support
    We support packaging requirements for the target system and document preparation in order to implement various countermeasures to meet compliance standards based on the improvement project.
  • Compliance status confirmation
    We re-examine the compliance status and prepare for assessment after handling compliance.
    * We also deal with maintenance/continuity of licenses and update assessments for organizations that have already acquired certification.
    * Infosec also provides support for implementing and building the solutions required for compliance.
      Contact us separately for details.
Services Available/Menu (3)
■Assessment Service
  Professional licensed QSA examiners assess compliance status against the 12 PCI DSS requirements.
Features
Infosec Advantages
  • Credibility as a QSA (Qualified Security Assessor)
    PCI SSC certified consultants point out what needs to be checked from the standpoint of an assessment organization.
    Since we are qualified as a security assessor, we can provide a package service for everything from creating countermeasures to conducting field assessments as needed.
  • Experienced consultants assist you
    We provide specialized knowledge acquired from previous PCI DSS certification support.
    Infosec supports effective and efficient countermeasures that correspond to each organization. The countermeasures are developed through processes created upon consideration of the relationship between task output during our status analysis and items checked during the assessment.
  • In-depth knowledge of a company specializing in risk management
    Infosec provides the specialized knowledge necessary for standard compliance and certification. Our certification support service is based on standards like ISMS (ISO/IEC27001) and PMS (JIS Q 15001) and has an impressive track record.
    We support effective and efficient countermeasures for each organization based on our established process from system maintenance and policy planning to document support, audit support, and improvement support.
  • Flexible and extensive support system
    We also continue to support your efforts to maintain your license after acquisition by using our rich experience of security assessment and web application source code review. Infosec is unique in the way we support risk management in all ways possible. We offer not only technical support, but also management system structure, auditing, and educational support; we support our clients' journeys the entire way to their destination.
Service Deployment
  We provide flexible support from status analysis to assessment based on your organization's characteristics and requirements.
  [Figure: Sample status analysis service time/report]