skip to content

Support Portal

NCI.ca

Services

nciINTELLIGENCE Services: thorough, experienced consulting.

Services Contact

Contact Name
 services@nci.ca | 905.607.9777

PCI DSS compliance

NCI is certified as a PCI (Payment Card Industry) Approved Scanning Vendor (ASV) and Qualified Security Assessor (QSA).

NCI provides a full suite of PCI services to assist organizations of various sizes comply with the standard and satisfy the reporting requirements.


PCI DSS Validation Services


nciSCAN: PCI External Vulnerability Scans

As a PCI ASV (Approved Scanning Vendor), NCI performs the quarterly scans and generates the Executive and Technical reports required to demonstrate compliance to the requiring banks. Contact us for our one-time scan or yearly subscription.

PCI Compliance Validation Assessment

As a PCI Qualified Security Assessor (QSA), NCI applies its extensive security assessment experience to efficiently and effectively conduct the assessment and generate the Report of Compliance (ROC).

PCI Questionnaire Support

Our Qualified Security Assessors (QSAs) can assist with understanding, completing, or validating your PCI self-assessment questionnaire.

PCI DSS Compliance Program

Achieving and maintaining PCI DSS compliance is very specific to each merchant environment with many factors to consider. NCI works with our clients to create a PCI DSS compliance program that will reduce their long-term compliance costs, simplify validation assessments, and enable them to more easily achieve and maintain PCI DSS compliance.
Our PCI experts and project managers work with you to define a compliance project plan that will include modules appropriate to your needs:

  • PCI Scope Assessment: what portion of your environment is involved? can it be simplified/reduced?
  • PCI SItuation Survey - where does your organization stand with respect to network security, policies, procedures, and tests required for PCI compliance? What assessments and other work is required to get there from here?
  • PCI Readiness Assessments determine whether your organization requires additional network or physical security measures to meet the standard. Recommendations will be provided to help you determine where to focus remediation efforts.
  • PCI Policy Review and Development ensures that you have all the required documentation in place.
  • PCI testing - provides, in addition to nciSCANs, the Penetration testing, wireless scans, and other tests that are required.  For example, wireless network scans are important for any organization, to check for rogue access points.