PCI & PA DSS Compliance Service

A specialist service for payday loan service providers or application developers. The service covers PA DSS, PCI DSS, Data Protection, Information Security and Secure Application Development (OWASP).

Transcript

  • 1. PCI & PA DSS compliance service
      For loan service providers and payment software developers
      Ben Oguntala, LL.B Hons, LL.M, BVC (IPR)
      IT Law Consultant & Compliance Specialist
      Ben.oguntala@riesgoriskmanagement.com
      07812 039 867
      www.riesgoriskmanagement.com
  • 2. Service overview
      PCI DSS
        • Build & maintain secure network
        • Protect cardholder data
        • Maintain vulnerability management programme
        • Strong access control
        • Network monitoring & tests
        • Maintain Information Security policies and procedures
      PA DSS
        • Magnetic stripe, card verification code or value
        • Protect cardholder data
        • Secure authentication
        • Log payment application activity
        • Develop secure payment applications
        • Protect wireless transmissions
        • Vulnerability testing in application
        • Secure network
        • Cardholder data storage
        • Remote access security
        • Encryption of non-console access
        • Implementation guide
      Data Protection Act
        • Registration with the ICO
        • Definition of business purposes
        • Information Asset Register
        • Information sharing
        • Privacy Impact Assessment
        • Privacy policy
      ISO27K
        • IS policies & procedures
        • IS baselines
        • Incident management
        • Risk management
        • Risk treatment
      Supplier Management
        • No. of suppliers
        • No. of information shared
        • Supplier agreement contracts
        • Supplier audits
  • 3. Our services
      PCI DSS compliance
        • Carry out audits – Gap analysis
        • Implement project to fill in the gaps
        • Implement risk management tool
        • Provide risk assessment and risk treatment service (monthly/bi-weekly/ad-hoc)
      PA DSS compliance
        • Software assessment audit and gap analysis
        • Development of your implementation guideline for clients
        • Re-use PCI DSS and ISO27001
      ISO 27000 compliance
        • Use of www.riesgoriskmanagement.com ISO27K compliance reporting tool
      Data Protection Act compliance
        • Implementation of your Privacy policy and strategy
        • Business purpose definition
        • Data retention policy
      FSA Data security
        • Data security standard
        • Data leakage prevention
        • Encryption policy
      Supplier management and Audits
        • 3rd party self audits
        • IS schedule in Supplier contracts
  • 4. Compliance overview
      Generic compliance
        • Organisation
        • Management structure
        • Governance, Risk and compliance
        • Network architecture
        • Policies and procedures
      Services offered
        • Clients
        • Your organisation: PCI DSS
        • Your application: PA DSS
  • 5. PCI DSS
        • Protect cardholder data
        • Access control
        • Vulnerability management
        • Building a secure network
        • Access control policy
        • Segmentation of network
        • Firewalls
        • Different security baselines
  • 6. Contact details
        • Ben Oguntala
        • Ben.oguntala@riesgoriskmanagement.com
        • www.riesgoriskmanagement.com
        • 07812 039 867
