HOME | SITEMAP | CONTACT

• Solutions
• Alliances
• Industries & Clients
• About Tenzing
• Careers

 

Payments Card Industry Data Security Standard

The Payment Card Industry Data Security Standards (PCI DSS) is a comprehensive set of requirements for enhancing cardholder data security around the processing, storage and transmission of customer credit card information, in both electronic and physical form. PCI was developed by the PCI Security Council, founded by the five major credit card brands and is enforced by all major Banks. Non-compliance to PCI standards can result in significant penalties (US$100K+) and prohibition from participation in a card schemes.

Tenzing's PCI DSS Services provide a practical, and proven roadmap for organisations’ to understand their obligations under PCI DSS, the extent that they need to comply and experienced, objective analysts and project managers to assist in obtaining compliance with PCI DSS. Tenzing are experienced in minimizing the impact and cost to an organisation by recommending and implementing practical, cost effective solutions and providing strong management of the external compliance assessors (QSAs' and ASVs).

Tenzing's approach to achieving PCI compliance is to provide a practical roadmap, supported by experienced practitioners, tools and templates, whilst at the same time minimising cost and disruption to Clients and their business.

Our offering has a number of components, which we tailor to specific client needs:

• Scope & Advise
  • Develop an understanding of the extent an organisation is covered, including PCI Scope foot-print and high-level compliance gap analysis.
  • Assist in determining the Merchant/Service Provider level and reaching agreement with the Acquiring Bank and Credit Card brands.
  • Producing a compliance roadmap covering activities, resources and timelines.
• Remediate
  • Plan and manage the programme of work required to remediate systems and processes in order to achieve compliance.
  • If required we are able to leverage our technical teams, including data specialists.
• Assessment
  • Management of the formal PCI audit by a Qualified Security Advisor (QSA). We have established relationships with all three NZ QSAs and two leading Australian QSAs.
  • Facilitate the completion of the annual internal Self Assessment Questionnaire for organisations whose tier does not require an external assessment.

Solutions | Alliances | Industries & Clients | About Tenzing | Careers | Sitemap | Contact