We Specialize in PCI DSS Testing
AWA, a division of I.S. Partners, LLC, serves as an extension of the controls-based CPA auditing firm and was formed in response to the growing market need for specialized information security services provided by skilled professionals with technical expertise. As one of the few Qualified Security Assessor (QSA) firms certified by the PCI Council, our team of dedicated IT resources specializes in this type of testing to better serve our clients’ unique needs.
Biggest Benefits of a PCI DSS Assessment
- Identify system and application weaknesses and vulnerabilities that can result in data breaches
- Avoid fines and potentially increased transaction costs due to unmet requirements
- Protect your reputation with reduced risk of data breaches
- Help your organization develop and meet a defined IT Security Compliance Program
- Gain an advantage over non-compliant competitors
What We Offer
- PCI Assessments
- Security Framework Assessments – ISO 27001, NIST, SANS Top 20 Critical Security Controls
- IT Security Risk Assessments
- FISMA Assessments
- Security Architecture
- Security Remediation – Security Program Development
- Penetration Testing
- Vulnerability Testing
- Virtual CISO / CISO Advisory Services
- Deliver PCI services using a project management approach that minimizes disruption and miscommunications, as well as the risk of schedule delays and budget overruns
- Leverage an in-depth knowledge of existing audits from decades of experience to provide a comprehensive compliance solution tailored to your needs
- Provide coordination of multiple assessments (for example, SOC and FISMA) to reduce compliance costs and effort
- Optimize the return on your compliance investment by providing outcomes that support broader corporate security and risk management goals
What’s Included in Your PCI Assessment?
Our QSAs will help determine your PCI compliance scope and your compliance requirements, including reporting requirements such as a Self-Assessment Questionnaire or a Report on Compliance, and penetration testing and/or Approved Scanning Vendor (ASV) scans.
Our QSAs will conduct interviews, control walkthroughs, and review documentation and control artifacts to assess compliance with PCI DSS requirements.
Our QSAs will identify gaps in compliance with the PCI DSS requirements and report the gaps to management.
Our QSAs will provide guidance on remediating gaps in compliance with the PCI DSS standard and can also provide remediation assistance as desired.
Our QSAs will complete the Report on Compliance and the Attestation of Compliance, as required. If only an SAQ is required, we can provide assistance in selecting the appropriate SAQ and advise on completion as needed.
What You Get? Added Value
PCI data security standard remediation services
Provides feedback on remediation actions targeted to close identified gaps.
PCI-compliant penetration testing
Determines if possible vulnerabilities in applications and systems can be exploited and jeopardize data security.
Internal and external scanning helps fulfill Requirement 11 and must be performed using an approved ASV scanner or tool.
PCI Self-Assessment Questionnaire (SAQ)
AWA can provide SAQ assistance or attestation to help you complete the appropriate SAQ.
PCI report on compliance (ROC)
Provides an independent validation of PCI DSS compliance and a ROC that can be submitted to an acquirer or one of the card associations (VISA, MasterCard, American Express, Discover, JCB).
PCI data security standard assessment services
Assesses an organization’s security against PCI DSS requirements and suggests gap remediation strategies.