PCI Audit and Report on Compliance

For merchants and service providers that require an annual PCI On-Site Audit for PCI compliance validation, Halock is certified as a Qualified Security Assessor and can perform PCI audits for all levels of Credit Card Merchants and Service Providers

Halock's PCI Audit Team will review all aspects of the environment that store, process or transmit cardholder data to ensure compliance with the PCI Data Security Standard. The auditors will collect data/evidence and perform testing as outlined in the Security Audit Procedures and Reporting document, which is designed to ensure compliance with the PCI Data Security Standard.

Upon completion of the PCI On-Site Audit, Halock will provide full documentation of the results, including the preparation of the official Report on Compliance (ROC) for submission to the acquiring bank or other requesting institutions.

The PCI On-Site Audit requires the results of the last four quarterly vulnerability scans; therefore, scanning may need to be performed in parallel with Halock's PCI On-Site Audit.

Upon completion of the PCI On-Site Audit, the QSA will complete the certification process by submitting all documentation and the completed Report on Compliance for review by the card brands and/or acquiring bank, as required according to the PCI merchant or service provider classification level. Once the report has been reviewed and accepted, an official certificate of PCI compliance will be issued by the acquiring bank.
 

On-Demand Vulnerability Scanning:

Allows for unlimited scanning of Internet IP addresses to enable ongoing compliance with PCI quarterly vulnerability scanning requirement. Online filing allows for automatic notification to acquiring bank once compliance is achieved.

PCI Compliance Management Portal:

An online portal designed to facilitate PCI compliance efforts and to assist in managing all work efforts related to acheiving PCI compliance. Portal includes PCI related news articles with expert analysis, a comprehensive PCI knowledgebase, downloadable tools and templates, and more.