The PCI Security Standards Council (PCI SSC) is an independent industry standards body founded by the payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. Its goal is to provide oversight of the development and management of Payment Card Industry Security Standards and to enhance payment card security on a global basis. The Council has established two programs:
Qualified Security Assessor (QSA)
Approved Scanning Vendor (ASV)
The five founding members recognize the QSAs and ASVs certified by the PCI Security Standards Council as being qualified to validate compliance with the PCI Data Security Standard (PCI DSS). Cyberklix has acquired both certifications.
PCI Qualified Security Assessor (QSA) Audit
Cyberklix performs the PCI QSA Audit according to the requirements set by the PCI SSC, ensuring that the resulting Report on Compliance conforms to the PCI Security Assessment Procedures 1.2 detailed specification and presents the compliance status pertaining to PCI DSS version 1.2.
Cyberklix approaches the PCI QSA Audit engagement in two phases, which for practical reasons may be structured as two formal projects:
1. Identification of the PCI Data Environment and Scope of Assessment for Compliance with PCI DSS 1.2 requirements, delivering clarity of the audit scope and efforts
2. PCI QSA Audit, delivering the standard Report on Compliance with PCI DSS 1.2
Cyberklix's effective cooperation with the audit client is fundamental to the quality of the final product, the Report on Compliance, and to its acceptance by the PCI card brands.