COMPLIANCE

Payment Card Industry Data Security Standard (PCI DSS)

 

The Payment Card Industry Data Security Standard (PCI DSS) is the data security requirement for merchants that store, process or transmit cardholder information, and has been endorsed by all the major card brands: Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. The PCI DSS is a framework for the secure handling of cardholder data.

 

Secureway’s PCI DSS Gap Analysis, Audit and Certification is for organizations that want to measure current corporate information security practices against the PCI DSS. This service is relevant to organizations that are accepting or processing credit card transactions and want to gauge current information security controls and practices against the PCI DSS standard.

 

The Gap Analysis is often the first step of a PCI DSS compliance project, and provides a roadmap for compliance with the PCI DSS standard. This service will typically involve a number of days onsite for Secureway to meet with the managers who are in charge of the PCI DSS program; key staff involved in network administration and cardholder systems; and the individuals responsible for company procedures and policies.

Information Security Management System (ISO 27001)

 

ISO/IEC 27001 is the internationally recognised standard for effective information security management. The ISO 27001 Gap Analysis service is a specialised, in-person review of your information security regime that will give you a high-level overview of what you need to do to achieve certification to ISO 27001.

 

ISO 27001’s breadth of applicability can make it difficult for organisations to determine how to apply the Standard effectively and economically.

 

Our consultancy team has helped companies prepare for ISO 27001 certification. Get customised, personal advice from an experienced ISO 27001 implementation specialist with our ISO 27001 Gap Analysis and Audit service.

 

General Data Protection Regulation (GDPR)

 

New privacy laws and incidents of privacy violations, identity theft and personal information mismanagement have increased regulatory and consumer pressure to prevent disclosure or compromise of personally identifiable and sensitive information. The business impacts of failure – on both long-term relationships and value – have elevated the issues of privacy, security and information risk management to the board and senior executive level at many companies. Addressing privacy issues on a global basis and in a consistent and cost-effective manner is crucial to maintaining a competitive edge in today’s global economy.

 

SecurewayNL offers a wide range of privacy and data protection services, and can help you:

 

– Build an integrated privacy compliance and risk framework in line with GDPR requirements

– Conduct privacy, security and/or identity theft prevention assessments

– Perform personal information inventories of the business processes and locations that handle high-risk or regulatory sensitive information

– Build privacy program business plans, budgets and roadmaps

– Design and implement solutions to address key risks and areas of noncompliance; enhance data classification schemes and technical and physical security safeguards; re-architect global data flows; design automated vendor privacy and security oversight programs

– Prepare for GDPR and other global compliance solutions with implementation of ISO 27001 and ISO 27018

– Provide DPO as a service for continuous compliance