Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

PCI SVA Simplifies Compliance Process

NEW YORK -- To help smooth the path to PCI Data Security Standard (PCI DSS) compliance, the Payment Card Industry Security Vendor Alliance (PCI SVA) today released a free tool (http://www.pcialliance.org/research_gate.html) that enables merchants and other PCI DSS regulated businesses to identify software and service providers for any specific DSS requirement. The tool includes inexpensive, optional software packages that helps regulated businesses quickly and easily conduct a detailed, formal risk analysis as required by PCI DSS section 12.

Most small and many large merchants are still working to fully comply with PCI DSS. For some merchants, who lack a compliance and/or security officer, it can be a struggle to understand how the PCI DSS requirements match up to the security market sectors, and how to properly complete the PCI DSS self-assessment questionnaire, according to a recent SearchSecurity article. This new tool from the PCI SVA is designed to help with both these issues.

The PCI SVA custom-built Risk Assessment software enables merchants and other PCI DSS regulated businesses to easily conduct a complete PCI DSS data security risk assessment. The final output of the assessment includes a list of missing requirements that links to software and service providers whose offerings address shortcomings found during the assessment.

Listings in the Risk Assessment Tool's directory of solution providers will only be open to PCI SVA member organizations. Vendors of PCI DSS - related software and services are encouraged to join the PCI SVA and complete the Services Inventory Form, so that they may have their solutions included in the database. The database contains a listing of SVA Member's software and services matched to the 200+ requirements of the PCI DSS.

"We believe that this Risk Assessment tool will help demystify the process of mapping the requirements of PCI DSS to the security marketplace," said David Taylor, president of the PCI SVA and Protegrity's Vice President Data Security Strategies. "And we urge vendors who have not yet joined PCI SVA to do so now, as we want the tool to include the broadest range of information from the security and privacy software and services vendors as possible."

The Payment Card Industry Security Vendor Alliance (PCI SVA)