Cybersigma Consulting Services
Payment Card Industry Data Security Standard (PCI DSS) Form
Personal Information
Name
*
Email
*
Contact No.
*
Organisation Name
*
Cost Estimation
Name and Location of the Company
*
Description of the Company's business/process for which PCI DSS certification is required.
*
List of all services Company provides related to Credit Card/Debit Card
*
Please provide a list of card payment processing operations, such as settlement, reconciliation, payment acquiring and chargeback, that would be in scope.
Location where Card Payment processing Operations happen.
Location from where IT/Infrastructure is managed.
*
Location where servers and infrastructure are hosted. If servers are hosted at a third-party hosting service provider such as Amazon, is the third-party hosting service PCI DSS compliant or certified?
*
Location of DR Site
*
Is the location covered in this assessment?
*
Yes
No
Any other location to be covered in this assessment?
*
Any entities (Banks, VISA/MasterCard network, Payment Gateway etc.) that Company connects to for payment transmission or processing.
List the different payment channels used for accepting payments: POS terminal, kiosk terminal, website, mobile applications and direct debit.
Tentative number of transactions per year.
*
List of internal IP addresses (systems) in scope.
*
List of external IP addresses in scope.
*
Time Estimation
Are network devices such as firewalls, routers and Layer 3 switches managed by your own team, or is this outsourced to a third party?
*
Yes
No
Do you store credit/debit card numbers? If yes, is the data encrypted?
*
Yes
No
Do you have antivirus on Windows/Linux servers?
*
Yes
No
Do you have an Intrusion Detection/Prevention System in your network?
*
Yes
No
Do you have a File Integrity Monitoring tool on your servers?
*
Yes
No
Do you have a centralized log management and correlation server? Do you have a SIEM solution for log review and correlation?
*
Yes
No
Do you perform periodic vulnerability scans and penetration testing of your network and payment applications?
*
Yes
No
Do you perform an annual risk assessment?
*
Yes
No
Do you patch your servers (OS) on a regular basis?
*
Yes
No
Is your payment application in the development phase or completed?
*
Yes
No