PCI Testing and maintenance
The fundamentals for merchants to maintain compliance.
What is PCI DSS Testing?
A critical part of PCI DSS compliance is successfully completing regular vulnerability scans and penetration tests. The PGI Penetration Testing team—separate from the Information Assurance (QSA) team—can provide the in-depth, technical testing required by the standard, which includes internal vulnerability assessments, internal and external penetration and segmentation testing.
Unfortunately, many organisations let their carefully achieved PCI DSS compliance lapse after the initial effort by not embedding controls into ‘business as usual’ processes.
To combat this, the Information Assurance team strongly advocates carrying out quarterly assessments of key controls and processes to ensure that there are no unwanted non-compliance surprises at your annual re-attestation.
At PGI, we also believe that regular PCI testing and reviews are key to staying up to date with the changes implemented in each new release of the Payment Card Industry Data Security Standard.
Benefits of PCI DSS Testing and Maintenance
Do not make PCI DSS a once-a-year compliance headache. Sustain your compliance posture by embedding PCI DSS requirements into ongoing activities, and test these regularly with the information assurance experts available at PGI.
Fulfil your Requirement 11 vulnerability assessment and penetration testing obligations with PGI, your preferred PCI DSS supplier.
Regular PCI testing and maintenance ensures that any new processes, systems or tools implemented by your business in relation to the handling of payment data meet the 6 fundamental goals of the standard.
Build and maintain a secure network and systems
Protection of data held within the cardholder data environment (CDE)
Maintain an up-to-date vulnerability management program
Implementation of effective measures for access control
Regular monitoring and testing of networks and systems
Updating business information
Why choose PGI?
At PGI, we’re proud to be among a select group of assessors recognised and acknowledged by the PCI Security Standards Council (SSC) for expertise, experience, and professionalism in the field of payment data security.
As approved Qualified Security Assessors (QSA), we assess compliance to the latest standard (currently PCI DSS 3.2.1), helping you to minimise the reputational and financial risks associated with non-compliance, and ensure you’re demonstrating an ongoing commitment to security.