SAMS
Security Accreditation Management System (SAMS) is a dedicated platform for acheiving and managing compliance:
- Compliance enabler: SAMS for PCI is a solution which empowers organizations to achieve PCI Compliance on their own, thus reducing the need for external consultants.
- Maintaining compliance: Once compliance is achieved, SAMS enables organizations to maintain compliance without much extra effort or the need for external consultants.
- Reduce cost of compliance: Because SAMS enable organizations to take care of their own compliance effort, this can reduce or eliminate costly consultant fees, in addition SAMS helps customers manage their compliance costs, with its inbuilt budget management function.
How SAMS Enables Organizations to Take Control of the Compliance Process
Automated online interrogation process:
VigiTrust has developed a dynamic PCI DSS assessment process, based on years of hands on experience in helping companies become PCI compliant. Organizations may confirm compliance status either by following the format of the PCI DSS 1.2 documentation if they are familiar with the process or by answering questions based on the VigiTrust Five Security Pillar™ framework within SAMS. The results are used as the basis for defining and optimizing remediation efforts in terms of policies & procedures, technical solutions and user awareness controls to implement to achieve compliance with PCI DSS.
Pre -Audit Report on compliance:
Based on the data obtained from the on-line interrogation process, SAMS creates a pre-audit report, detailing the corrective action required in order to achieve compliance.
The pre-audit report includes a clear remediation path and details specific changes necessary in order to align policies & procedures with PCI DSS requirements. The report will also indentify technical changes and solutions to be implemented as well as specifying user awareness training for the relevant staff. This is presented in the shape of multiple view project plans available for all relevant PCI DSS team members.
Provides Policies & Procedures Templates:
SAMS provides an extensive library of policies and procedures for organizations to use in their compliance process. These policies and procedures have been tried and tested by VigiTrust with companies which they already have enabled to become PCI DSS Compliant.
Secure Repository:
SAMS incorporates a secure database, for storing all data relevant to the PCI Compliance process. The data includes but is not limited to, credit card processing workflows, tailored policies & procedures, network architecture diagrams, software and hardware asset inventory as well as quarterly network scan results.
PCI Project management functionality:
SAMS incorporates project management features for scheduling remediation and maintenance tasks relevant to the compliance process, such as network scans, inventory updates etc. Users are flagged of such tasks in advance and then prompted to complete them at the appropriate time. SAMS will also prompt for any updates to documents held the secure repository as required by the standard.
Budgeting function:
SAMS incorporates a budget management function, which enables organizations to define and manage a budget for the compliance process. The SAMS Budget function covers all costs associated with the compliance process e.g. man-hours, hardware purchase, software purchase etc. The Organization will be alerted if there are overspending in one particular area or within a particular time frame
Real-time visibility:
With SAMS dashboard view, user can get up to date detailed views of the progress of compliance process. The dashboard view shows the status of compliance in relation to each of the 12 PCI requirements and allows users to see progress for Policies & Procedures, Technical Solutions as well as User Awareness controls. Controls are shown as compliant, non-compliant or as work in progress. Each report accessed by authorized users can be exported to pdf and is stored in the SAMS compliance database.
Central management of compliance process.
Where a global organization has different PCI DSS compliance projects on going in different territories, SAMS provides full visibility for each separate PCI project as well overall compliance status through dashboard views and extensive choices of reports. Using SAMS, organizations can easily monitor and manage several different PCI Compliance processes from one location.
Additional consultancy available:
SAMS was created to make VigiTrust’s many years experience in helping companies achieve PCI Compliance available through a web based application. All processes, workflows and policies and procedures have been tried and test in real life PCI DSS compliance projects.
SAMS can also be complemented with on-site, telephone and web based consulting services available from VigiTrust’s security experts to support your organization in its compliance efforts
