PCI DSS Compliance

Vectra launched our payment card security compliance services in 2004 through programs with Visa and MasterCard. We then became the first Australian company to be certified as a QSA Company (QSAC) by the PCI Security Standards Council when it was formed in 2006. Since that time we’ve assisted thousands of organisations of all sizes in sectors including retail, financial services, insurance, transport, banking, credit unions, building societies, utilities, gaming, and third-party hosting and service providers.

Some facts about PCI DSS compliance:

  • Every organisation that stores, processes or handles payment card data is required to comply with PCI DSS.
  • Compliance reporting for small merchants can be as simple as completing a Self-Assessment Questionnaire (SAQ), while for larger merchants and third-party service providers, annual assessments must be conducted by a QSA Company.
  • If you have internet-facing IP addresses, you must conduct network vulnerability scanning using an Approved Scanning Vendor (ASV) certified by the PCI Security Standards Council.
  • To meet merchant agreements and avoid penalties, acquiring banks will seek PCI DSS compliance reporting on an annual basis and, in some cases, on a quarterly basis.

Vectra PCI DSS Compliance Services:

  • Gap Assessments
  • SAQ Completion
  • Network (ASV) Vulnerability Scanning
  • Cardholder Data Discovery
  • External and Internal Penetration Testing
  • External and Internal Vulnerability Assessments
  • Pre / Post Assessment Guidance
  • DIY / Internal Assessment Validation
  • Third-Party Assessment Validation
  • Annual PCI DSS Assessments
  • Remediation Solutions
  • Managed Service (see our GRC Management)

Have Questions?

  • What tools are used?
  • Does the service satisfy PCI DSS compliance requirements?
  • Can testing be conducted remotely?
  • Is this available as a managed service?
  • How much does it cost?