Next to high structural and organisational safety requirements which are proven by a so called Physical Security Audit, additional high safety requirements are defined on the data processing and storage at card producers in the credit services sector. With so called Logical Security Audits card manufacturers and personalization bureaus can prove to MasterCard that they run a security management system which reliably controls all IT-relevant aspects. Requirements on the organisation of IT-security as well as technical requirements on IT-systems and processes that process personalised data result from the Logical Security Requirements.

SRC is accredited by MasterCard to perform combined Physical and Logical Security Audits according to the Standards of the payment system. Both aspects are audited during one audit session to minimize time and costs for the audited companies. If applicable further combination with PCI DSS is possible (see below).

SRC is a leading auditor of Logical Security Audits in Europe. We will be glad to submit a long-term offer for a primary and/or re-certification to you. Since audits have to be repeated yearly according to the MasterCard guidelines, audits have to be repeated yearly. In the scope of an Audit preparation we provide our clients with extensive support.

As SRC is additionally accredited as Qualified Security Assessor and Approved Scanning Vendor by the PCI Standards Security Council, we can offer combined audits according to MasterCard Logical Security Audit and PCI Data Security Standard and in addition SRC can perform security scans as required by the Logical Security Requirements. By combining this two audits internal efforts can be reduced significantly.

Due to its long-time experience, combined know-how and efficiency in the field of physical and logical audits, SRC has gained a high level confidence from its customers. Apart from cost savings that are achieved by combining the audits, we strive to demonstrate our customers the ongoing significance of the PCI standard and its implications in order to ensure that they feel increasingly confident with the handling of cardholder data and consequently manage to enhance their company's establishment in the market. In 2008, SRC has compiled a case study which serves to clarify the importance, SRC attaches to its role as a negotiator between its customers and the credit card organisations.

• SRC Case Study 2008: BORICA Ltd.

Well-known card personalisation bureaus from all over Europe are among our customers. SRC performs more than two dozens of Logical Security Audits each year and hence supports its customers to gain compliance according to the requirements defined by MasterCard.