PCI Test Tool

Automated PCI Security Assessment Test Tool
Objective: Automate the testing procedure which involves both process and technology operations which either process, in use or transmit the credit card cardholder data.

Current Background:
As part of the annual PCI assessment process, merchants or service providers operation have to be evaluated at people, process and technology and validated against the set of PCI compliance requirements. Each validated requirement has to be documented in the reporting template provide by PCI and finally generate Report on Compliance (ROC) and Attestation of Compliance (ACO). And most of these processes were handled in manual way besides the vulnerability scan and penetration testing.

Future State:
To reduce the testing and auditing window for the PCI assessment most of the requirement can be automated especially the ones involving the process and technology areas, A1PlusSoft is focusing on developing automated test tool to execute the test scenarios to validate the PCI requirements and help produce the compliance reports and help capture the test results in streamlined manner. Test tool will reduce the testing/auditing period by 1 to 3 months based on the complexities of systems to be evaluated and validated.