Residential | Small Business | Enterprise | Wireless Region / Language
AT&T Consulting offers a range of comprehensive, customized PCI compliance solutions that objectively match each requirement to the most effective possible solution for your company. In addition, we provide assessment (QSA and PA-QSA), remediation, program development, penetration testing, and code review services that help companies address specific areas of PCI compliance and common practice.
- Annual PCI Assessments
- PCI Remediation
- Payment Application Best Practice Certification
- PCI Program Management
Annual PCI Assessments
As a PCI Qualified Security Assessor (QSA), AT&T Consulting is able to perform annual assessments and issue Reports on Compliance (RoC). On-site assessments consist of interviews of key personnel, review of policies, procedures, and other key documents, architecture review, vulnerability testing, and review of key device configurations. The result of this effort is a Report on Compliance, which articulates the company’s adherence to the PCI Data Security Standard.
PCI Remediation
Before undergoing a “real” PCI assessment, AT&T Consulting can perform “mock” assessments to determine if you are ready. Customers often use this approach to help identify and anticipate areas needing remediation. With our substantial experience, toolsets, and range of services in our Secure Network Integration portfolio, AT&T Consulting can perform that remediation work for you. You will benefit from an accelerated and more streamlined “real” assessment process.
Payment Application Best Practice Certification
Although currently not a PCI requirement, Visa and MasterCard encourage the developers of payment applications to certify those applications in accordance with the PCI Payment Application Best Practices program. Applications that meet these standards can be listed on the PCI Standards Council Web site. AT&T Consulting is an approved Payment Application Qualified Security Assessor (PA-QSA) under this program. The PCI council is expected to make this certification mandatory for applications developed for sale, while it is expected it will remain recommended for in-house applications.
PCI Program Management
Addressing the PCI efforts across an enterprise can be challenging, requiring specialized knowledge and project coordination experience. AT&T Consulting has both the project and program management experience to help manage the PCI program effort on your behalf.
