PCI ToolKit

The PCI ToolKit is a patent pending solution that makes helping merchants achieve and maintain Payment Card Industry Data Security Standard (PCI DSS) compliance quick and easy while alleviating a significant business burden your organization faces.

Complying with the PCI DSS is complicated, confusing and involves a lot of work for both you and your merchants alike. The consequences of non-compliance are serious, and can expose you and your merchants to non-compliance penalties as well as increased liability in the event of a data compromise.

For most merchants, PCI compliance must be validated on an annual basis and in some cases, when externally-facing Internet Protocol (IP) addresses are involved, quarterly network vulnerability scans are required.

You must ensure that your merchants validate compliance at the appropriate classification level and obtain their merchant compliance validation documentation. Additionally, you must submit monthly compliance status reports to the payment card brands.¹Further, all compliance-related validation documentation must be properly archived so that it can be provided to the card brands upon request.

A Solution to the Problem

PCI ToolKit takes the headaches and hassle out of PCI compliance validation by eliminating the need to decipher complicated and confusing rules, regulations and forms, while helping you manage and report on portfolio compliance.

In independent product trials, PCI ToolKit is consistently selected as the best-in-class solution for ease of use, greater questionnaire completion rates and more merchants actually achieving compliance.

Merchant Functionality

PCI ToolKit’s automated PCI DSS Self-Assessment Questionnaire (SAQ) guides merchants through a series of business-friendly, simple-to-understand questions presented in layman's terms about their payment processing environment. Sophisticated survey logic analyzes responses real-time to present only questions pertinent to their businesses going forward.

Based on SAQ responses, PCI ToolKit identifies areas of potential weakness and risk, and automatically generates simply-worded policies and procedures, remediation instructions and a remediation timeline.

A merchant dashboard provides up-to-the-minute SAQ progress details. It also identifies remaining tasks and remediation actions to be addressed to achieve compliance validation and generate a certificate of compliance.

Online help, plus swift email support provides hand-holding and guidance to help merchants successfully complete the SAQ and comply with card brand reporting requirements.

PCI ToolKit works with all PCI Security Standards Council Approved Scanning Vendors (ASVs). Services from ComplyGuard Networks are seamlessly integrated in terms of merchant boarding, reporting and billing.

Acquirer/ISO Functionality

A single sign-on dashboard is the gateway to all PCI ToolKit portfolio management functions:

Manage Account

Set up and modify company profile
Set up administrators and passwords

Board Merchants

Upload initial merchant portfolio batch file
Upload monthly or quarterly new merchant batch file
Board merchants online, one at a time
Generate initial portfolio welcome letters for mass mailing

Manage and Monitor Portfolio

View entire portfolio status
View sub-ISO portfolio status
Merchant search
View merchant status
View audit trial of completed merchant tasks
Login to exact merchant view

Generate Reports

Merchant portfolio status dashboard
Merchant portfolio status detail
Merchant open tasks
Merchant PCI milestone vulnerability
SAQ type
Inactive merchants
Monthly card brand
Prohibited data storage
Scan status
Compliance certification

Automatic Merchant Reminder Emails

Set up a user profile and take the initial SAQ
Finish a partially completed SAQ
Complete a quarterly scan, remediate a failed scan or resolve an expired scan
Resolve past due remediation items
Complete the attestation statement
Annual recertification
No storing of prohibited information

PCI ToolKit is brandable with your company's logo and can be launched by your merchants directly from your website.

When it comes to PCI compliance, count on PCI ToolKit to take care of all the details so that you don’t have to.

To learn more about PCI ToolKit and talk with one of our Certified Information Privacy Professional (CIPP) experts, please call 866.462.7774 or email sales@csrcorporate.com today!

¹ Monthly Level 4 merchant PCI DSS status may be reported at the acquirers’ discretion.

Related News

Compliance Solutions Firm Adopts New Name - 01.31.12
CSRSI, Inc., the leading provider of data compliance solutions and expert services that help businesses turn compliance into revenue, announced the re-branding of the company to CSR. The new company name stands for Compliance Solutions and Resources.
CSRSI Team on Regulatory Update and Interchange Panels at ETA 2011: Well-Received - 06.20.11
Ross Federgreen, founder of CSRSI, a leader in payments and data privacy consulting, and Mark Brady, Senior Consultant at CSRSI, will participate in panels covering Regulatory Updates at the ETA annual meeting.
CSRSI Announces New and Improved Version 2.0 of the PCI ToolKit Program for PCI Compliance - 04.22.11
Rick Heroux, president of CSRSI, a leader in the field of PCI compliance and data protection, announces the new version 2.0 of the PCI ToolKit.
CSRSI Team to Moderate and Participate on Regulatory Update and Interchange Panels at ETA 2011 - 04.22.11
Ross Federgreen, founder of CSRSI, a leader in payments and data privacy consulting, and Mark Brady, Senior Consultant at CSRSI, will participate in panels covering Regulatory Updates at the ETA annual meeting.
CSRSI Joins the International Association of Privacy Professionals (IAPP) - 11.30.10
Certification with IAPP will mean that CSRSI can provide clients a new level of expertise and credentials to detect and protect personally identifiable information from identity theft.