PCI DSS Services

Does your business take payment cards, or could impact the security of payments cards?  We offer PCI DSS assessment service. 

 

PCI DSS Workshop

If you are looking to get started in PCI DSS, then the workshop will serve as an introduction to PCI DSS.  This covers the basics of PCI DSS compliant, how to get compliant and reporting requirements.

 

PCI DSS Gap Analysis Assessment

PCI DSS is a standard that many merchants and service providers need to meet.  The purpose of the gap analysis is to understand where you are right now, and in the current situation what you need to do, to meet compliance if you directly try to satisfy. 

You will receive a gap analysis report indicating areas of compliance, and areas that need to be fixed/remediated.

 

Options Analysis

In some cases, you may find that directly fixing each control to meet PCI DSS compliance may mean this can take a long time to get PCI DSS compliance.  Often the case, we find that many businesses try to get PCI DSS compliant by addressing most PCI DSS controls, which actually is often the slowest way (based on typical payment processes we review).  

Actually, there are different ways of getting PCI DSS compliant quicker, but really does depend how the business is currently operating.  There are often different options to reduce the amount of PCI DSS controls in-scope, but does mean reviewing the way payments cards are taken and reducing the scope for PCI DSS.  What we offer is ‘Options Analysis’ report to clients, to help support attaining PCI DSS compliance in a more pragmatic way.

 

FAQs

Q: Our organisation is complex. Can you help?

A: Our consultants have covered many different types of organisations, all the way from small businesses with a single card payment machine, right through to banks that usually have the most complex payment systems.  So it is likely is that what your organisation does is something we have seen many times before. 

We start with a call to find out your specifics.  Most often, after discussion we find that requirements are typical situations that we can cover.

Q: Do you need to know information about our systems?

A: For the workshops, we do need a high level overview of the types of business processes in scope.  Based on the business processes, we will need a high level overview of the systems provisioning the business processes.  When we undertake gap analysis, there specific questions that does mean we will review your systems in more detail.  Do not worry if you feel you do not have all the answers, as this will be noted to help you get to compliant.