PA-DSS Validation
The goal of every PA-DSS validation project is the same - to get a clean Report on Validation (ROV) that is accepted by the PCI Security Standards Council and listed on their site as a validated application. The path to that goal makes all the difference.
The Coalfire PA-DSS process is the best in the business. We start working with you when you're still architecting your application and help you build in compliance from the start. We do that by giving you tools to document your application and close compliance gaps before you hand it off to our lab. We call it the ‘no surprises’ ROV - you get a comprehensive and accurate assessment, but together, we will have pre-validated everything so you can reasonably expect a passing ROV on budget and on schedule.
Rapid PA-DSS
Coalfire assigns a senior assessor to each new client, and that assessor will set you up with Navis Rapid PA-DSS, Coalfire’s online work flow management and assessment tool, while you are still in development.
Rapid PA-DSS will help you:
- Become familiar with the PA-DSS standard.
- Create the documentation and evidence you’ll need to get the application tested.
- Identify compliance gaps.
- Remediate gaps and/or develop compensating controls.
- Securely create, store and transmit the reports you’ll need to submit to the Council.
Not all ROVs are the same
Coalfire has been a PA-QSA firm since the inception of the PA-DSS standards and we complete more ROVs than any other independent assessor firm. More than 90% of our clients continue to work with us after their initial assessment, and we are increasingly taking on new clients who come to us for a fresh, independent assessment. We are closely aligned with the PCI SSC and actively participate on working committees responsible for updating the standards and testing procedures.