Process of getting PCI-DSS
Obtaining PCI DSS compliance for your business is a systematic, step-by-step process.
A. Assessment of Business Level - Your first job is to analyze where you are right now. Different businesses face different security standards based on how they handle customer transactions, how they handle data, which credit card companies and banks they work with, and how much volume they handle.
Different card companies have their own standards here, such as MasterCard's and Visa's, which describe four and five corporate levels, respectively. Work out where you stand and how your business is described in the general PCI standards, so you are ready for the next steps.
B. Self-Assessment Questionnaire - The self-assessment questionnaire (SAQ) is a relatively painless guide that can be used to assess your current level of compliance. There are nine different versions of the SAQ guide, but don't let that scare you.
These versions exist for different types of business, so you'll need only the guide that applies to yours. Once you have it, the guide will walk you through about a dozen different requirements, and for each of them you'll answer "yes," "no," or "N/A." This will help you identify the missing parts of your company's payment security.
C. Changes, if any - After the self-assessment questionnaire (SAQ) is filled in, any compliance shortcomings need to be corrected. After the necessary corrections, the SAQ is filled in again.
D. Formal Attestation of Compliance - Once you are done with the SAQ, you need to file a formal Attestation of Compliance (AOC).
This is a legal formality which states that your business is fully compliant with PCI Standards.
E. Audit - Once you are done with the AOC, you can have your process audited and a report made on it, in order to file the paperwork and get PCI DSS.
F. Filing - The paperwork is filed with your credit card/debit card/bank. You will need to submit your SAQ and AOC along with it. Once it is filed, you will be PCI DSS compliant within a few days.