The National Security Scheme is more than just a risk analysis and doesn’t have to be complicated. Thanks to our GlobalSuite national scheme software® and its aid system, this project is a simple task. The perfect software to adapt your organization.
Our software
Discover our software for PCI DSS
Features
GAP Analysis
It supports differential (gap) analyses against the PCI regulations, definition of maturity levels for each requirement, visualization of the results through different graphs, comparison of the results of different analyses, and export of the information for reporting.
Compliance plans
It enables the development of a compliance plan for each differential analysis, automatic identification of the requirements that are not met, definition of actions for each unfulfilled requirement, and follow-up of those actions.
Evidence management
The platform manages evidence centrally, keeps a detailed record of electronic and physical evidence, links electronic evidence to the document manager, and associates each piece of evidence with the corresponding controls.
Control management
It enables centralized management of controls, association of controls with PCI requirements, evaluation of control effectiveness, configuration of methodologies, and publication of control surveys. It also associates controls with risks and calculates residual risk from the effectiveness of the controls.
Risk analysis and management
It provides an inventory of assets and components, the dependencies between assets, components and processes, and the identification, analysis and assessment of risks. It supports the definition of risk management plans and the configuration of methodologies for calculating risk. GlobalSUITE® comes with predefined catalogs of risks and controls. It also allows the publication of asset and risk surveys and the management of the history of risk analyses and risk management.
Compliance management
The tool allows the management of compliance with PCI regulations, defining the maturity status of each requirement and showing it in graphs. It also allows the association of documents (policies, procedures and records) and controls with each requirement, and the management of the history for the same catalog of requirements.
Integration with Power BI
Make the most of GlobalSUITE® data by building an executive dashboard in a Business Intelligence tool such as Power BI.
Publishing compliance surveys
The software enables the design of surveys with questions for each requirement, the sending of surveys via email and the consolidation of all the answers in a single catalog.
Balanced Scorecard
The comprehensive dashboard enables the management and strategic control of the organization through different metrics and indicators.
What does compliance with the PCI-DSS security standard mean?
It is a security standard that consists of the requirements necessary to protect sensitive credit and debit card information. It is mandatory for all companies that accept, process or transmit credit or debit card data to maintain a safe environment. Companies that process, store or transmit card data must meet the standard or risk losing their permissions to process credit and debit cards.
- Requirement 1: Firewall settings to protect card owners’ data.
- Requirement 2: Do not use system passwords and other default security parameters provided by vendors.
Protect Card Owners Data
- Requirement 3: Protect the stored data of card owners.
- Requirement 4: Encrypt card owners’ data and sensitive information transmitted over open public networks.
Maintain a Vulnerability Management Program
- Requirement 5: Regularly use and update antivirus software.
- Requirement 6: Develop and maintain secure systems and applications.
Implement robust access control measures
- Requirement 7: Restrict access to data based on the official’s need to know the information.
- Requirement 8: Assign a unique ID to each person who has access to a computer.
- Requirement 9: Restrict physical access to cardholder data.
Regularly monitor and test networks
- Requirement 10: Track and monitor all access to network resources and cardholder data.
- Requirement 11: Regularly test security systems and processes.
Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security.