NewRocket PCI Manager

Control costs and improve results of PCI compliance with ServiceNow

Book time with one of our experts

Actively manage
scope

TheNewRocket PCI Manager extends ServiceNow's extensive asset portfolio capability to include managing Cardholder Data Environments (CDE).

Proactively manage controls

Effective compliance is being ahead of issues. The ServiceNow controls management function automates control definition and documentation, automates issue tracking and exception handling, and provides real-time visibility into your current state.

Rapid compliance reporting

With our PCI-DSS 4.0 update you can easily harness the power of ServiceNow to produce your Report of Compliance (RoC) faster, cheaper, and more accurately.

Leverage existing ServiceNow investments

Asset inventories and CMDB are at the heart of every ServiceNow deployment. Extending this existing core functionality to PCI CDE management takes advantage of capabilities that your organisation already has in place.

72.4

Increase in credit card fraud reports. (Federal Trade Commission 2020)

Of all consumers have been victims. (Ascent consumer survey 2019)

Of retailer log-ins by hackers are using stolen data. (Shape Security)

How NewRocket PCI Manager extends ServiceNow

ServiceNow CSM (Customer Service Management)

Guided process for defining CDE's

Scoping CDE’s and assets for assessment

Sampling and fieldwork

Capture compensating controls

BEFORE NEWROCKET PCI MANAGER

COSTS
Resource intensive manual efforts drive ever-increasing costs to keep up with evolving business demands, compliance requirements, and ever-expanding scope.
COMPLEXITY
Without a trusted inventory, the constant change in business and technology environments requires significant effort to maintain a tightly controlled scope.
RESULTS
‍Manual efforts and complexity create errors and oversight which impact assessment results and expose the business to unnecessary risks.

COSTS
Automation and instrumentation in ServiceNow reduces resource demands and efficiently manages scope which is upwards of 50% of the cost of PCI compliance.
COMPLEXITY
With an accurate and up to date inventory that is tuned to the needs of PCI coupled with automated control management, understanding state of compliance becomes a simple task.
RESULTS
Automation and a trusted inventory speed assessments, lets you get ahead of issues, and clearly present a high-performance PCI program to your assessors and your business.

NewRocket PCI Manager – Features and Benefits

Cardholder Data Environment (CDE) Identification and Management

Clearly identify the CDE accurately using the organizations Configuration Management Database (CMDB) or simple asset listings to define total possible CDE using bulk search functions. By integrating with the CMDB the CDE assets are better able to be tracked, managed and maintained for better accuracy.

CDE Bulk Scoping

Ability to bulk scope addresses the volume challenge most organizations have with the changing inventory of PCI assets. QSA can review scope from a single source of truth and make comments. Every Record of Decision (RoD) captured as a scoping record is stamped with the reviewers’ name.

Random Sampling Support ofCDE assets

By automating the random selection of CDE required for testing allows the organization to quickly reduce the effort involved for selecting and testing those assets. Random sampling builds trust in the assessment process. The feature also supports manual selection of assets for re-test after remediation.

Reduce Record Administration in PCI Controls

By leveraging the ServiceNow platform to support your PCI process, data creation and population is significantly reduced. New PCI assets will automatically generate assessable profiles and controls as soon as the new PCI asset is added to the CMDB.

PCI Data Content for Acceleration

Includes an accelerator package, preloaded with the latest PCI DSS. Over 800 pre-built test cases extracted directly from the DSS and Report on Compliance (RoC) in order to have a consistent and repeatable method to test your controls.

Reduce Burden of Evidence Collection and Location

Evidence is collected and stored in a central secure repository for each CDE and can be shared across an organization’s multiple CDEs. This reduces the audit burden and allows the collection of attributes completely aligned with the official RoC template.

Next Steps

NewRocket products accelerate your ability to achieve the business results you are looking for and are a great compliment to our world-class services. Let's meet to find out how NewRocket can help you navigate the changes in your business environment.

Book a Call