Are all assessments equal?
Readiness for formal assessment requires a number of key stages that lead up to the production of the final Report on Compliance. MWR’s PCI DSS Formal Assessment service is designed to assist in these activities to ensure that the scope of your organisation’s assessment is correctly identified, sampling sizes are defined and justified, and that the formal assessment is conducted efficiently and accurately. Rather than simply focussing on completion of the RoC, the MWR PCI DSS Formal assessment provides:
- Accurate scope identification and justification
- Consistent and defencible methodology
- Compensating control design and validation
- Formal Report on Compliance production
- Explaination of attestation responsibilities to Executive Officer
- Assistance in presenting findings to the acquiring bank
MWR utilise consistent methodologies including automated techniques for accurately tracking assessment scope, capturing assessors’ findings and producing the final report to ensure that the reports are consistent and pass the PCI SSC’s quality assurance programme. Where appropriate, in addition to the formal Report on Compliance, MWR can provide you with a second technical findings report which can identify to your organisation any additional observations and findings beyond the scope of the PCI assessment.
