PCI DSS Services and Solutions
IT Governance is uniquely qualified to provide Payment Card Industry (PCI) services.
Our range of consultancy, technical security, software and training services help organisations meet and exceed the requirements of the PCI Data Security Standard (PCI DSS).
We can work with your organisation to implement suitable solutions that will enable you to reduce your risks and ensure compliance with the PCI DSS.
Our PCI DSS services include:
Our PCI DSS support contract for SMEs is a cost-effective, all-inclusive PCI DSS assistance programme that brings together policies and procedures, approved quarterly scans and staff training resources with our expert online consultancy support and advice, at a price that you can afford.
Our Live Online Consultancy service enables you to purchase the consultancy support you need by the hour, quickly and cost-effectively.
PCI DSS SAQ Validation and Support
A PCI DSS SAQ validation service will help you identify the right SAQ to complete and provides support and advice to achieve full PCI DSS compliance so that you can complete your SAQ with ease.
PCI Scope Assessment and Reduction
Our PCI DSS Scope Assessment and Reduction service provides a detailed review of your organisation’s cardholder data flows and produces a report providing actionable recommendations and an estimate of the benefits of any proposed scope reduction activities.
PCI DSS Gap Analysis
A PCI DSS gap analysis conducted by an IT Governance QSA will map critical information processes and technical infrastructure. By assessing your current state of compliance, we can outline the most cost-effective approach to meeting the PCI DSS obligations.
PCI Implementation and Continual Improvement
A PCI DSS remediation service conducted by an IT Governance QSA can help manage your team’s PCI DSS remediation efforts, delivering a plan to reach full compliance and demonstrating efficient use of budget and resources.
PCI Compliance Audit and ROC
A PCI audit conducted by an IT Governance QSA provides a thorough assessment of the controls you have implemented, establishes whether they meet the requirements of the Standard and attests that your organisation is in full compliance.
PCI Compliance Penetration Testing
Requirement 11 of the PCI DSS describes the need for regular security testing. Our PCI compliance penetration tests assess your security systems, public-facing devices and systems, databases and other systems that store, process or transmit cardholder data to discover your vulnerabilities before cyber criminals do.
PCI ASV scanning
Our HackerGuardian scanning service performs highly accurate scanning of your externally facing systems as required by the PCI DSS. It runs more than 60,000 tests on your organisation’s servers and network, and it provides clear advice on how to fix any security vulnerabilities.
Training and staff awareness
This interactive e-learning course is designed to increase employees’ awareness of the PCI DSS requirements and to ensure that all employees are taking the correct steps to protect themselves, the organisation and customers.
PCI training courses
We offer training courses (both classroom and in-house) for all staff, from foundation-level to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.
PCI DSS Documentation Toolkit
The IT Governance PCI DSS Documentation Toolkit provides an extensive list of policies and forms appropriate for the PCI DSS. The toolkit also includes a set of project management tools, such as a document checker, a gap analysis tool and several other resources to help with the implementation of your PCI project.
How IT Governance can help you
Our services provide a tailored route to PCI compliance, scalable to your budget and needs.
We go further than a simple ‘yes/no’ approach to better understand how security measures work.
We work in partnership to help you understand what is required and why.
We can offer expertise to vet compensating controls and make sure they are adequate.
Companies using our PCI DSS products and services:
"IT Governance were very professional and pragmatic in their approach, and displayed a level of understanding of our business that we found unique and refreshing.”
Damien Everard, COO of Appletree.
Speak to an expert
We have a team of account managers and security consultants to discuss your PCI DSS challenges. Get in touch with one of our specialists today for further infromation, or to get a tailored quote for your organisation.