PCI DSS Compliance Software



PCI-DSS Compliance Lifecycle

The PCI-DSS compliance lifecycle includes the following steps, all automatically enacted by the ProcessGene™ GRC Software Suite:

Lifecycle steps and their PCI-DSS activities:
PCI-DSS context establishment
  1. Definition of PCI-DSS compliance related business processes
  2. Delineation of process diagrams (optional)
  3. Definition of assets within the PCI-DSS scope
  4. Standardization and documentation of PCI-DSS regulations, policies and procedures
Risk identification
  1. Risk description, identification of risk stakeholders
  2. Risk classification and determination of heat-maps
  3. Risk assessment and measurement
  4. Determination of Key Risk Indicators (KRIs)
  5. Risk tolerance determination
Control determination
  1. Definition of controls to mitigate identified PCI-DSS risks
  2. Assignment of PCI-DSS control owners
  3. Scheduling and monitoring PCI-DSS control execution
  4. Assessment of residual risk levels
Requirement management
  1. Requirement definition
  2. Automated requirement workflow management
  3. Requirement fulfillment monitoring
PCI-DSS audit and remediation
  1. Definition and scheduling of PCI-DSS audit plans
  2. Definition of mechanisms for testing ongoing PCI-DSS compliance
  3. Collection, analysis and storage of PCI-DSS audit results
  4. Remediation plan definition, execution and follow-up
PCI-DSS related incident management
  1. Incident recording
  2. PCI-DSS related incident handling (using scheduled workflows)
  3. PCI-DSS related incident analysis and reporting
  4. Incident monitoring and follow-up
PCI-DSS certification
  1. Hierarchical PCI-DSS certification process determination
  2. Establishment of an automated PCI-DSS certification process
  3. Monitoring and reporting PCI-DSS certification status
  4. Archiving PCI-DSS certification history
Multi-Org management
  1. Determination of a global PCI-DSS compliance baseline with mandatory components
  2. Establishing a workflow for examining local (subsidiary) variants
  3. Enforcement of enterprise guidelines, regulations and frameworks within subsidiaries
  4. Control of PCI-DSS compliance levels both locally (per subsidiary) and globally from a central HQ cockpit

The ProcessGene™ PCI-DSS Software Users

The ProcessGene™ PCI-DSS compliance software provides value to the following users:
  1. C-level management (CEO, CFO, CIO, CRO, COO)
  2. Board of directors
  3. Compliance officers
  4. Internal auditors
  5. PCI-DSS compliance managers


