Getting the Balance Right

Stages of Compliance to PCI-DSS

URM’s recommended approach for organisations complying with PCI DSS is based on the following road map.

Category of compliance

The first main challenge for organisations is to identify what credit cards they process and the volumes of transactions for each card type so they can determine which category of compliance they fall into.

Scope

Each organisation must identify the data flows in order to ascertain the environment (logical and physical) in which the card transactions are processed. This then becomes the focus of the PCI DSS compliance work.

Infrastructure review

URM works with its customers to ensure that the infrastructure in which card transactions are processed is designed to optimise compliance.

Audit and assessment

URM assists customers to complete a PCI audit assessment of their compliance against the 12 Requirements in the DSS. A detailed report is generated to show where compliance exists and to document recommendations where there is non-compliance.

Remediation

Not only does URM make recommendations to correct any non-compliance, it also provides consultancy so that remediation activities are carried out in an appropriate manner to ensure compliance.

Compliance Maintenance

PCI DSS compliance is an on-going process. URM can provide consultancy services under a maintenance contract to ensure that compliance, once achieved, is maintained to the correct standard.

Benefits of PCI Compliance

PCI DSS, through its binding collection of rules, aims to reduce financial fraud through improving the security capabilities of all aspects of an organisation's IT environment that processes payment card information. There are many benefits of PCI DSS compliance including the:

  • Protection of customers’ personal data
  • Increased customer confidence provided by a higher level of data security
  • Increased protection against financial penalties and remediation costs that arise from security breaches
  • Safeguarding the organisation’s brand and reputation
  • Risk assessment and benchmarking of the security systems that surround the storing, processing and transmission of payment cardholder data.

Copyright © Ultima Risk Management, 2008. All Rights Reserved.
