Sold by: BDO Digital
If you are leveraging AWS solutions to provide payment card services, there are infrastructure, hosting, and other PCI compliance requirements that need to be considered and implemented. If you are interacting with card data or are supporting solutions that are part of processing, transmitting or storing card data within the AWS environment, PCI is applicable. BDO has expertise helping clients navigate the complex PCI requirements in AWS and can assist in determining what may be needed to achieve PCI compliance.
Overview
ASSESSMENT, TESTING, AND OTHER SECURITY REQUIREMENTS BDO has been accredited by the PCI Security Standards Council (SSC) as a Qualified Security Assessor (QSA) company. To comply with PCI requirements, our Advisory Services team helps our clients navigate the PCI framework and provides PCI and IT risk services to assist merchants, service providers, payment providers, hosting companies, web development organizations, cloud providers, eCommerce companies, and other third-party organizations.
BDOs specific, PCI related services include:
- Assessments of the environment and personnel that may be involved with processing, transmitting, storing, or impacting the security of cardholder data
- PCI readiness assessments based on formal PCI Data Security Standard (DSS) requirements, including gap reports of not-in-place items or issues that need to be addressed
- Required annual Reports on Compliance (ROCs) or Self-Assessment Questionnaires (SAQs)
- Attestations on Compliance (AOCs)
- Annual internal and external PCI-based penetration tests, as needed
- Application scans
- Evaluations of processes to comply with 12.8.x requirements, including assessments of third party service providers (TPSPs) as it aligns with PCI TPSP requirements
Highlights
- We offer the following PCI compliance services: Annual Compliance Validation & Reporting in accordance with the PCI DSS standard for organizations of any size (levels 1 through 4) Quarterly Vulnerability Assessments performed by a PCI certified ASV Annual Penetration Testing internal and external penetration testing from information security experts PCI Program Management to Merchants & Service Providers for Complex Partner & Parent/Child Organizations
- Readiness Assessment: pre-engagement scoping & Q&A sessions Remediation Assistance & Evaluation Srv Scope Reduction Services minimizing the scope of PCI compliance Spot Check Programs: maintenance and spot checking of your PCI activities Strategic Planning: short term and long-term visioning for PCI compliance PCI Compliance Optimization & Training: organizational efficiency & optimization
- PCI - Payment Card Industry (PCI) services are provided by BDO as a Qualified Security Assessor Company (QSAC). BDO provides PCI DSS services including PCI Readiness; PCI SAQ Certifications; PCI ROC Certifications; Approved Scanning Vendor (ASV) Services; Penetration Testing; Web Application Testing; and PCI Remediation.
Details
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Support
Vendor support
Call or email David Thiele - dthiele@bdo.com - 713-407-3892