PCI DSS Compliance Audits & Readiness Assessments

Backbone Consultants continues to deliver on our commitment to remain knowledge experts and stay in tuned with the most current Payment Card Industry Data Security Standards (PCI DSS). Through Backbone's PCI Compliance Audit and Readiness Assessment services, your organization can more easily navigate and comply with the set of requirements designed to ensure the secure processing, storage and transmitting of credit card data. Backbone's PCI services are intended to validate your organization's compliance towards the PCI requirements prior to a formal audit performed by a PCI Qualified Security Assessor. Backbone's methodology used to achieve PCI compliance are as follows:


Pre-Assessment Questionnaire: Backbone will review an organization's the PCI environment, including the related applications and services involved in processing credit card data. Our consultants can evaluate which PCI Self-Assessment Questionnaire is appropriate for your organization based on our initial fact gathering analysis. The credit card processing environment will then be properly scoped for the assessment, evaluated for compliance to the PCI DSS requirements, and the appropriate questionnaire and supporting documentation will be completed and made available.


Protect Cardholder Data: Backbone will conduct a detailed review of the services, applications and hardware involved with credit card processing.  Our assessment will focus on the information security components surrounding authentication, authorization, and encryption. Reviewing each mechanism is critical in ensuring that credit card data is adequately protected at the time of capture, storage, and during transmission.


Vulnerability Management Program: Backbone will perform an evaluation of the current processes to intake, assess, prioritize and respond to new and emerging risks to your organization. Our consultants will then review the existing processes and procedures to ensure vulnerabilities are effectively managed. If a process does not exist or a control gap is identified, Backbone can work with your team to create a process that is right-sized for your organization and achieves the intended requirement.


PCI Readiness Report: Upon completion of the review, Backbone will create a comprehensive report detailing the scope, activities performed, and results of the PCI readiness assessment. This report will highlight controls that are operating effectively, as well as detail any control deficiencies identified during the assessment. All exceptions that are identified will be explicitly detailed as to the where the control breakdown has occurred. Backbone will provide actionable recommendations that an organization can use to mitigate the risks identified.


The PCI Compliance Audit and Readiness Assessment services offered by Backbone Consultants are designed to mature the operational, security and compliance requirements to protect credit card processing and transactional data. Backbone's skilled Certified Information Systems Auditors (CISA) can quickly assist your organization in addressing PCI DSS requirements needed to achieve PCI compliance.