PCI Compliance

Resolver’s PCI-DSS solution enables you to manage Payment Card Industry Data Security Standards compliance centrally, easily, and securely. Our PCI compliance software solutions simplifies PCI-DSS assessments by capturing assets, requirements, vulnerabilities, gaps and actions all in one application.

Our custom assessment templates allow you to rapidly assess ‘in-scope’ assets. Because of our flexible data model and ability to support other standards, you can also understand and take advantage of overlaps between PCI, ISO 27002, COBIT and other IT Governance Frameworks.

Here are some of the common challenges with PCI that we help address:

  • Vulnerability scans yield a large number of exceptions and you spend too much time determining which assets to work on first
  • You spend too much time on reporting status and progress
  • Your annual compliance report is time consuming
  • Your PCI efforts are stand-alone and there is duplication of effort
  • Results from previous work are not readily accessible

Find out how GRC Cloud for PCI can help you manage your compliance efforts with greater efficiency and certainty:

Feature Benefit

Frameworks

Pre-built, editable compliance frameworks are updated and managed through a simple drag-and-drop interface. Pre-built frameworks allow you to get up and running quickly and easily. Click here to a view list of supported frameworks.

Updates and Alerts

For many of our frameworks, we provide continuous updates that are published into the software. We track the applicable laws and regulations for you and the system then alerts the appropriate users that a change has occurred.

This feature reduces the requirement for your own people to track and interpret changes to the regulation.
Updates and alerts in the system help mitigate the risk that a change to a law or regulation might be missed.

Updates and alerts in the system help mitigate the risk that a change to a law or regulation might be missed.

Scoping

Risk-based scoping framework to determine company’s compliance exposure. Focus on the high risk areas to ensure maximum compliance coverage with optimal resources.

Integrated Frameworks

Linkages between frameworks can be established, particularly in instances when multiple regulations or laws drive a single requirement. You can ask the business once and potentially satisfy multiple requirements and stakeholders.

Workflow

Configurable workflows with E-mail notifications and reminders. The workflows will generate significant efficiencies in the compliance management processes and also improve the quality of the work being done.

Dashboards

Compliance status dashboards Your compliance team, Management, the Board and external stakeholders can know the company’s level of compliance at any point in time.

Flexible Reporting

The system has a robust and flexible reporting capability. You can easily respond to ad-hoc reporting requests, share reports or run scheduled reports. These reports can be customized depending on the intended audience. You will dramatically reduce the time spent generating reports and determining the status of risks and controls.

Integrate with your GRC Program

You have the ability to integrate compliance management with audit and risk management activities. This can allow for greater efficiencies as work is often duplicated in other GRC functions. This can also allow Management and the Board to see an integrated and complete view of the company’s risks.

Multiple Levels of Sign-Off

This is completely configurable and you can assign any number of levels of sign off to any item in the system. This is a workflow-driven feature that allows you to ensure the right checks and balances are in place. When a control has been passed or certified, you have the maximum amount of confidence that this is an accurate representation.

Framework Updates

Resolver provides a service for many of the compliance frameworks whereby we track the appropriate laws and regulations and then provide updates to you on a scheduled basis. By providing updates to regulatory content in the system, Resolver helps ensure you are aware of changes to the regulatory environment. This means you are not doing unnecessary work and that you are prioritizing the right activities.

Audit Trail

Any change made in the system can be tracked, viewed and reported upon. This level of transparency allows the team to be fully accountable to internal and external stakeholders.

Automatically Update Values

The system can be configured to automatically populate certain values such as a risk rating, a date, or the fact that work has been completed. In addition to being more efficient than manual updates, this feature helps eliminate potential human error or omission.

Central Document Repository

If desired, all of your internal documents can be managed in the Legislative Compliance Management System. Quick and easy access to the correct documents is critical to the control evaluation process. For the team to make the correct evaluation of a control related to a policy, regulation or law, they need to be able to find the appropriate information.

Call Or E-mail Us To Find Out More

“We had a NERC CIP Audit earlier this year and the auditors were constantly asking for more information, more files and more evidence, so having the GRC Cloud software in place was incredibly helpful. I really enjoy the system and I’d recommended it to other utilities looking for a compliance management system.”

- Bangor Hydro

“Our working relationship has been very positive. [GRC Suite] was just more user-friendly than the competitor. It’s very intuitive. That was very important to us because our users do not use a compliance system day in day out.”

- BC Hydro, Electric utility servicing 4.5 million residents of British Columbia

Call Or E-mail Us To Find Out More

* Applicable License Fees Apply