Merchant Compliance Management
SecureGRC merchant compliance management helps banks and financial institutes to ensure their merchants comply with the regulations applicable to their business.
What is Merchant Management?
According to VISA,
Acquirers are responsible for ensuring that all of their merchants comply with the PCI Data Security Standard (DSS) requirements
And according to MasterCard,
MasterCard fundamentally views our member Acquirers as owning the acquiring payment channel. Given this perspective, MasterCard works to administer the SDP Program through our Acquirers, working with merchants to further secure the transaction infrastructure. Please note that acquirers themselves do not need to go through the SDP compliance process but they must manage the SDP process for their merchants.
Merchant Management is the process that enables card acquirers to ensure that their merchants are compliant with the PCI Data Security Standard and thereby satisfy the demands of the various card brands. SecureGRC merchant management enables organizations (banks, acquirers, service providers etc.) to manage the compliance of their merchants with the PCI DSS. Merchant management automates many of the manual tasks associated with the merchant compliance process. When organizations are dealing with thousands of merchants, the process of managing compliance could consume an enormous amount of resources, time and money. CMM enables organizations to reduce all of these by providing a single interface to all compliance processes through a universally accessible web based interface.
Key Features
· Automate monitoring of controls such as management of sensitive data and technical controls.
· Enable vendor managers to manage risk.
· Assess vendor risk using various assessment types and a library of questions based on best-practice standards.
· Derive risk and compliance ratings by type of vendor from assessment results.
· Measure vendor compliance to policies and procedures.
· Track and address areas of non-compliance identified in the vendor assessment process
Policy Management
What is Policy Management?
Policy management is the overall process of managing the plethora of policies, procedures, guidelines and other documents that are part of the governance framework and function in any organization.
SecureGRC Policy Manager
SecureGRC Policy Manager provides an integrated solution to managing all the policies, procedures, guidelines, or standards that are the basis of the governance framework at any organization. Policy Manager allows organizations to consolidate all their policies, store them in a central repository, measure the IT compliance with these policies, and view various statistics from a central dashboard.
Policy Manager provides access to the core elements from the SecureGRC platform such as Workflow, Document Management, Policy Inventory, Fine-grained access control through a secure Web based interface.
Key Features
· Single and centralized repository for all policies
· Version control for all policies and procedures
· Monitor acceptance of policies
· Out of the box policy and procedure templates
· Ability to link policy and procedures to controls
· Dashboards and reports
· Remediation tracking
No comments:
Post a Comment