Information Security Management System
Implementation and Attestation Support

The Payment Card Industry Data Security Standard (PCI DSS) applies when an entity stores, processes and/or transmits cardholder data and/or sensitive authentication data.

We advise you on successful PCI DSS implementation through the following 6-step journey.

PHASE I - Understanding Business and Card Data

In this phase we assess your business, card data flow and the applicability of PCI DSS requirements.

PHASE II - Network Scope/Segmentation

In this phase we assess and recommend, enabling you to define a network segment that forms the basis of the cardholder data environment (CDE).

PHASE III - Gap Analysis and Risk Assessment

In this phase we perform a detailed gap analysis on applicable requirements and provide detailed recommendations. Recommendations include technology, people and process changes. We provide documentation support to ensure requirements

PHASE IV - Implementation Monitoring

This is the longest phase. It is a tracking phase in which we interact with you regularly to ensure all requirements are tracked towards completion.

PHASE V - Internal Audit

During this phase we provide an independent opinion about the successful implementation, with additional recommendations if any.

PHASE VI - Successful Certification

At this stage you have received successful QSA compliance on PCI DSS.

Outcome

A successfully PCI DSS certified organisation receives a Report on Compliance (ROC).

What are Card Holder Data (CHD) and Sensitive Authentication Data (SAD)?
source: PCI DSS

What are the PCI DSS 12 Domains?
source: PCI DSS

PCI DSS has 290+ requirements. The attestation steps may involve testing 290 to 1000+ conditions, depending upon the complexity of the network.

At Coral we will advise you on the optimal approach to achieve successful PCI DSS compliance.
