According to the governance, risk and compliance (GRC) specialist, the software will also track residual risk status in relation to performance of PCI controls and key metrics, as well as offering visibility of information for auditors.
Acuity says that the PCI DSS compliance management tool is configured with the detailed PCI DSS requirements and security assessment procedures. When used with the firms STREAM Integrated Risk Manager software it will, the firm adds, help automate your PCI compliance management.
This will, explains the company, allow IT professionals to measure, monitor and report on PCI compliance, as well as reporting on status against milestones for a prioritized approach to PCI DSS governance.
By taking this approach, Acuity claims that this will mitigate the risk of incidents resulting from non-compliance, meaning companies cab also save costs associated with crisis responses, direct losses and reputational damage.
Announcing the free software, Simon Marvell, a partner with the GRC specialist, said that, as PCI requirements impact any business handling payment card information, there is a critical need for a practical risk-based approach to PCI compliance,
This approach, he added, is based on easy-to-use, accessible tools that identify, log and report incidents or near misses - and use this information to continually improve the PCI compliance management process.