PCI Security Vendor Alliance (PCI SVA) Simplifies PCI DSS Compliance Process


Release of Free Solutions Referral Tool for Business Community

NEW YORK, Sept. 11 -- To help smooth the path to PCI Data Security Standard (PCI DSS) compliance, the Payment Card Industry Security Vendor Alliance (PCI SVA) today released a free tool (http://pcialliance.org/research_gate.html) that enables merchants and other PCI DSS regulated businesses to identify software and service providers for any specific DSS requirement. The tool includes inexpensive, optional software packages that help regulated businesses quickly and easily conduct a detailed, formal risk analysis as required by PCI DSS section 12.

Most small and many large merchants are still working to fully comply with PCI DSS. For some merchants, who lack a compliance and/or security officer, it can be a struggle to understand how the PCI DSS requirements match up to the security market sectors, and how to properly complete the PCI DSS self-assessment questionnaire, according to a recent SearchSecurity article. This new tool from the PCI SVA is designed to help with both these issues.

The PCI SVA custom-built Risk Assessment software enables merchants and other PCI DSS regulated businesses to easily conduct a complete PCI DSS data security risk assessment. The final output of the assessment includes a list of missing requirements that links to software and service providers whose offerings address shortcomings found during the assessment.

Listings in the Risk Assessment Tool's directory of solution providers will only be open to PCI SVA member organizations. Vendors of PCI DSS-related software and services are encouraged to join the PCI SVA and complete the Services Inventory Form, so that they may have their solutions included in the database. The database contains a listing of SVA members' software and services matched to the 200+ requirements of the PCI DSS.

"We believe that this Risk Assessment tool will help demystify the process of mapping the requirements of PCI DSS to the security marketplace," said David Taylor, president of the PCI SVA and Protegrity's Vice President Data Security Strategies. "And we urge vendors who have not yet joined PCI SVA to do so now, as we want the tool to include the broadest range of information from the security and privacy software and services vendors as possible."

The first release of the free PCI Security Vendor Alliance Solutions Selection Tool is currently available to any merchant who wants it. A more comprehensive risk assessment tool is also available for a small fee.

The Payment Card Industry Security Vendor Alliance (PCI SVA) is a non-profit organization formed to educate the business community on the requirements and business value of the Payment Card Industry Data Security Standard (PCI DSS). The standard is published and managed by the PCI Security Standards Committee, which is not affiliated with the PCI SVA.

A June 2007 study by the Aberdeen Group noted that approximately one-third of "best-in-class" organizations surveyed -- and nearly half of the industry average -- had not completed formal risk assessments for all system components in the cardholder data environment. "The first step is to understand where and how cardholder data is flowing in your current environment," said Derek E. Brink, vice president and research director at Aberdeen Harte-Hanks. "From there, a risk assessment and gap analysis that compares your existing security controls to those specified by the PCI DSS is a critical next step towards the ultimate goal of achieving and reporting PCI compliance."

To learn more about the PCI SVA, and to apply for membership, visit the Security Vendor Alliance website www.pcialliance.org/ or email membership@pcialliance.org.

About PCI SVA

PCI SVA (http://www.pcialliance.org/) assists members of the payment card industry, composed of merchants, banks and point-of-sale vendors, in educating the business community on the requirements and business value of the Payment Card Industry (PCI) Data Security Standard, a global benchmark intended to improve security throughout the entire payment card transaction process.

Source: PCI SVA

Web site: www.pcialliance.org/
http://pcialliance.org/research_gate.html
