• image
plan42 > IT Security Management > PCI DSS

PCI DSS

Payment Transaction Security

PCI DSS: data protection, security policy, access control, vulnerability management, secure network, monitoring & testing

Protecting Sensitive Credit Card Information

Enhanced security for credit card transactions, greater protection against data theft: following these objectives, the world's leading credit card companies have joined forces and developed a security standard designed to protect sensitive credit card information. In contrast to applicable ISO standards, however, this Payment Card Industry Data Security Standard (PCI DSS or PCI) does not provide recommendations, but binding rules for all trading companies and service providers that process credit card data.

Learn more about the PCI

plan42 is your guide to PCI compliance in your organisation, providing you with targeted technical solutions to align your IT infrastructure to PCI requirements, but also offering comprehensive consulting services that lead you to certification.

1 Kick-off

A kick-off meeting at the beginning of the project serves to clarify your specific objectives, relevant contact persons as well as the schedule for the project.

2 Process Analysis

In the first step of analysis, we focus on your internal processes for credit card information processing and check them for compliance with PCI requirements.

3 Asset Analysis

Subsequently, we analyse your IT infrastructure to identify potential deviations from PCI guidelines.

4 Gap Analysis

Where is action needed? Our gap analysis systematically uncovers any areas of non-compliance.

5 Control Definition

Based on the gap analysis, we work with you to define a collection of controls to establish PCI compliance in your organisation. This collection includes, as required, both organisational measures and technical solutions.

6 Implementation

Our consultants will support you through all stages of implementation, including activities such as the prioritisation of controls, the development of an IT security guideline or the implementation of technical solutions.

7 Pre-Audit

Upon implementation, we conduct a pre-audit to verify the effectiveness of the new controls and to make sure you are perfectly prepared for PCI certification audits and self assessments.

And what can we do for you?

Would you like to learn more about our services regarding PCI? Please feel free to contact us.