PCI DSS All-in-One SAQ Toolkit – Merchants: The vast majority of businesses (i.e., both merchants and service providers) can luckily self-assess against the Payment Card Industry Data Security Standard (PCI DSS) framework and, as such, only need to complete an annual Self-Assessment Questionnaire (SAQ). Our PCI DSS All-in-One SAQ Toolkit – Merchants includes the following professionally developed documentation, and it’s all available for instant download, with easy-to-use MS Word templates:
PCI DSS SAQ Security Policy and Procedures Manual for Merchants: The PCI DSS Security Policy and Procedures manual includes over 300 pages of professionally researched, industry-leading information security policies, procedures, forms, checklists, templates, and much more. Additionally, the documentation maps directly to each of the prescriptive requirements for the twelve PCI DSS standards, thus making policy development that much easier!
Cybersecurity and Information Security Awareness Program: Educating employees on current security issues, threats, and concerns is not only a requirement for many of today's regulations, it’s also a best practice every organization should follow. We’ve developed an incredibly comprehensive, easy-to-use and easy-to-implement security awareness training manual for ensuring your employees have a strong understanding of current cybersecurity topics.
Risk Management & Risk Assessment Program: Assessing an organization’s cybersecurity risks – and other related risks – is a strict requirement of many of today's regulatory compliance mandates, and our comprehensive, easy-to-use and easy-to-implement risk assessment program delivers. You’ll receive a detailed risk assessment document in MS Word covering 16 different types of risk areas – all developed in accordance with NIST SP 800 standards (i.e. NIST 800-30, 800-53, and more) – and other best practices for assessing risk.
Third-party Due-Diligence & Vendor Management Program: Comprehensive third-party due diligence initiatives, along with consistent measures for assessing and monitoring vendors, are an absolute necessity for today's growing compliance mandates and InfoSec best practices. You'll therefore receive an in-depth MS Word template covering all essential phases relating to (1) vetting potential service providers, then (2) monitoring such providers on a regular basis. The template is an excellent tool for assessing a third party’s internal controls and related processes and procedures for a wide range of areas and key risk factors.
Cyber Incident Response and Reporting Program (CIRRP): The toolkit also comes complete with an incredibly in-depth, expertly researched and written, easy-to-use and easy-to-implement cyber incident response and reporting program. The Cyber Incident Response and Reporting Program (CIRRP) has been developed by industry-leading cybersecurity and compliance experts, resulting in the most comprehensive Cyber Incident Response and Reporting Program found anywhere today.