We genuinely look at partnerships with our clients and pride ourselves on never losing a customer once on board. No project is too big or small. From 1 day’s consulting to a 4 month assessment, we have you covered. We maintain a flexible team of consultants with availability scalable to demand.
We offer a wealth of experience in many different industry sectors. We attempt to embed PCI efforts into your existing compliance framework and look at practical solutions that won’t cost you millions of dollars! The important thing to remember is that compliance is not achieved merely by annual audit, and ongoing controls are important. We look to implement a metrics program where quantitative data can be collected on a regular basis to constantly review security implementation.
We feel our flexibility is one of our greatest assets. We have large customers well known to all Australians but also a variety of small and medium entities. We also not only assess but offer advice along the way. Consider a benefit v risk analysis if you are new to PCI- you can spend days or weeks interpreting the PCI Requirements and getting lost, or contracting us for 2-3 days for an initial assessment, putting you on the right path and periodically reviewing progress. The initial cost will easily be recouped with greater efficiency in man hours. Our banking experience also leaves us well placed to assist in quarterly submissions to banks, reducing the pressure of non-compliance fines.
We’re always cognisant of budget constraints. If you’re a Level 4 merchant, we may suggest a 1 day assessment to get you on the path and maybe 1 more day to verify your completed program. Bottom line, we find the right balance between budget, operational and compliance requirements.
Our team is highly experienced in working with both merchants of all levels, and service providers.
Ways we can assist include:
- Providing technical interpretation of the PCI DSS requirements
- Assisting defining the scope of your Cardholder Data Environment
- Undertaking assessments of all nature from initial gap analysis assessments, to progress assessments, to final compliance assessments
- Providing overall project management planning and assistance with remediation plan development
- Providing remediation services post gap analysis
- Providing quarterly reviews post compliance to ensure standards are maintained and keep you informed of industry developments
- Providing full testing including penetration testing and Approved Scanning Vendor (ASV) services via Qualys
- Full reporting with flexibility that fits within your organisational structure
- A hands-on approach that involves personal interaction with key stakeholders including regular updates and reporting for larger scale projects
- Providing template policies specifically designed for PCI DSS Compliance
- Introducing a statistical framework to assist monitoring ongoing compliance
- Liaison with Card Schemes and Acquiring Banks respectively
- Providing a friendly, personable service where we see the PCI project as a partnership rather than an ‘assessment’. After all, compliance for you is also better for our reputation!