|
|
 |
l Home l PCI Certification l For Software Vendors
 |
|
For Software Vendors
Acertigo provides with the PA-DSS Assessment services a comprehensive set of services to assist software vendors in achieving compliance with the Payment Application Data Security Standard requirements. The proven Acertigo methodology of rendering these services is separated into different stages to assist the vendor in achieving compliance. During these stages, Acertigo provides the vendor with services to allow the vendor to achieve compliance in an efficient and timely manner. These stages are:
Pre-Compliance Review
During this stage Acertigo provides knowledge and understanding of the requirements of the PA-DSS. In workshops and interviews together with the responsible staff members gaps regarding the control objectives are identified and necessary remediation activities are defined.
Remediation Advisory and Consultancy
During this stage Acertigo assists the vendor in remediation work to close the identified gaps. Commonly identified gaps are non-aligned key management and encryption methods, storage of sensitive authentication data, lack of audit trails, and inadequate remote access control.
Readiness Review
An onsite review according to the PA-DSS audit procedures is conducted by Acertigo auditors together with the responsible staff of the customer during an onsite visit. This review addresses development processes and procedures, logical security, documentation, and security management.
|
|
|
