|
|
 |
 |
 |
|
Contact FortConsult if you wish to know: |
 |
| - | How to interpret the security requirements in PA DSS |
|
| - | Whether you have the option of exemption from PA DSS certification |
|
| - | How to be PA DSS validated in the quickest and most straightforward manner |
|
| - | How you can minimise your costs in qualifying for PA DSS validation |
We can also help you obtain PA DSS vali- dation. |
|
|
|
|
|
|
|
|
|
|
|
|
 |
|
| FortConsult is the only Danish enterprise which is certified by the credit card companies to both conduct audits and security scans of enter- prises' critical payment systems in accordance with PCI DSS - and to check security in payment software in accordance with PA DSS. |
|
|
|
|
|
|
|
|
|
 |
|
 |
| FortConsult recommends that all banks review the standard in order to find out what you have to do to qualify for PCI DSS validation and to contact us if you have any questions with regard to the standard and what it may mean for your particular bank. |
|
| |
| PCI DSS is here to stay, and our experience shows that it is well worth commencing the process as quickly as possible and getting an overview of where your enterprise complies with the standard and where this is not the case. In this way, you can incorporate an action plan for PCI DSS validation into your day-to-day work with IT and thereby avoid having to launch a major PCI DSS project at the last possible moment. At the same time, you will avoid making ill-advised investments in IT security which do not meet the requirements of PCI DSS and are thus not future-proof. |
|
| |
| In order to be able to identify the areas in which you yourself have to comply with PCI DSS, we recommend that you commission a project designed to identify any areas in which you do not comply with the standard. You should then ensure that these areas are brought up to scratch with respect to PCI DSS as soon as possible with a view to being verified by your normal audit from 2009. |
|
| |
| FortConsult has developed a so-called gap analysis for this purpose, which in our opinion is the easiest and most reliable way of securing PCI DSS validation. The first part of the gap analysis consists of a scoping phase, in which we help you to identify which of your IT systems come within the scope of PCI DSS. Among other things, we look at whether the number of systems can be reduced so that your PCI DSS project is minimised to encompass only that which is necessary. |
|
| |
In the following, you can read more about PCI DSS itself and what it means for European banks:
|
|
|
|
|
|
|
|
 |
|
| - | PCI DSS certified in 2004 to perform security scans as the first and only company in Scandinavia. |
|
| - | PCI DSS certified in 2005 to conduct audits as the first and only company in Scandinavia. |
|
| - | Chosen by the bank sector in Denmark to help all Danish bank data centres to acquire PCI DSS validation due to our early PCI DSS certification, our considerable experience in the PCI area and our extensive knowledge of the financial sector. |
|
| - | Permanent PCI DSS service provider to all Danish banks needing PCI DSS assistance. |
|
| - | Has carried out PCI DSS tasks for some of the biggest retail chains in Scandinavia at international level. |
|
| - | Is today the leading PCI DSS service provider in Scandinavia and the Baltic. We have, for instance, certified more than 60 percent of the enterprises on VISA's list of validated Scandinavian service providers. |
|
| - | PA DSS certified in 2008 as the first and only company in Denmark - and among the first 14 in the world.
|
|
|
|
|
|
|
|
|
|
|
