For loan service providers and payment software developers

PCI & PA DSS compliance service

Ben Oguntala, LL.B Hons, LL.M, BVC (IPR)
IT Law Consultant & Compliance Specialist
Ben.oguntala@riesgoriskmanagement.com
07812 039 867
www.riesgoriskmanagement.com
Service overview

PCI DSS
• Build & maintain a secure network
• Protect cardholder data
• Maintain a vulnerability management programme
• Implement strong access control measures
• Network monitoring & tests
• Maintain an information security policy

PA DSS
• Do not retain full magnetic stripe, card verification code or value
• Protect cardholder data
• Secure authentication
• Log payment application activity
• Develop secure payment applications
• Protect wireless transmissions
• Vulnerability testing in the application
• Secure network
• Cardholder data storage
• Remote access security
• Encryption of non-console access
• Implementation guide

Data Protection Act
• Registration with the ICO
• Definition of business purposes
• Information asset register
• Information sharing agreement
• Privacy impact assessment
• Privacy policies and procedures

ISO27K
• IS policies & procedures
• IS baselines
• Incident management
• Risk management
• Risk treatment

Supplier management
• No. of suppliers
• No. of information items shared
• Supplier contracts
• Supplier audits
Our services

PCI DSS compliance
• Carry out audits and gap analysis
• Implement a remediation project to close the gaps
• Implement a risk management tool
• Provide a risk assessment and risk treatment service (monthly, bi-weekly or ad hoc)

PA DSS compliance
• Software assessment audit and gap analysis
• Development of the implementation guide for your clients
• Re-use of PCI DSS and ISO 27001 controls

ISO 27000 compliance
• Use of the www.riesgoriskmanagement.com ISO27K compliance reporting tool

Data Protection Act compliance
• Implementation of your privacy policy and strategy
• Business purpose definition
• Data retention policy

FSA data security
• Data security standard
• Data leakage prevention
• Encryption policy

Supplier management and audits
• Third-party self-audits
• Information security schedule in supplier contracts
Compliance overview

Organisation: management structure, network architecture, policies and procedures
Generic compliance: governance, risk and compliance
Services offered to clients: PCI DSS for your organisation; PA DSS for your application

Areas covered
• Protect cardholder data
• Access control: access control policy
• Vulnerability management
• Building a secure network (PCI DSS): segmentation of network, different firewalls, security baselines
Contact details
•   Ben Oguntala
•   Ben.oguntala@riesgoriskmanagement.com
•   www.riesgoriskmanagement.com
•   07812 039 867
