This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

PCI DSS Services and Solutions

Our PCI DSS services

IT Governance is uniquely qualified to provide Payment Card Industry (PCI) services. 

Our range of consultancy, technical security, software and training services help organisations meet and exceed the requirements of the PCI Data Security Standard (PCI DSS).

Support contract

PCI Compliance and Support Contract for the Smaller Business

Our PCI DSS support contract for SMEs is a cost-effective, all-inclusive PCI DSS assistance programme that brings together policies and procedures, approved quarterly scans and staff training resources with our expert online consultancy support and advice, at a price that you can afford.


Live Online Consultancy

Our Live Online Consultancy service enables you to purchase the consultancy support you need by the hour, quickly and cost-effectively.

PCI DSS SAQ Validation and Support

A PCI DSS SAQ validation service will help you identify the right SAQ to complete and provides support and advice to achieve full PCI DSS compliance so that you can complete your SAQ with ease.

PCI Scope Assessment and Reduction

Our PCI DSS Scope Assessment and Reduction service provides a detailed review of your organisation’s cardholder data flows and produces a report providing actionable recommendations and an estimate of the benefits of any proposed scope reduction activities.

PCI DSS Gap Analysis

A PCI DSS gap analysis conducted by an IT Governance QSA will map critical information processes and technical infrastructure. By assessing your current state of compliance, we can outline the most cost-effective approach to meeting the PCI DSS obligations.

PCI Implementation and Continual Improvement

A PCI DSS remediation service conducted by an IT Governance QSA can help manage your team’s PCI DSS remediation efforts, delivering a plan to reach full compliance and demonstrating efficient use of budget and resources.

PCI Compliance Audit and ROC

A PCI audit conducted by an IT Governance QSA provides a thorough assessment of the controls you have implemented, establishes whether they meet the requirements of the Standard and attests that your organisation is in full compliance.

Technical security

PCI Compliance Penetration Testing

Requirement 11 of the PCI DSS describes the need for regular security testing. Our PCI compliance penetration tests assess your security systems, public-facing devices and systems, databases and other systems that store, process or transmit cardholder data to discover your vulnerabilities before cyber criminals do.

PCI ASV scanning

Our HackerGuardian scanning service performs highly accurate scanning of your externally facing systems as required by the PCI DSS. It runs more than 60,000 tests on your organisation’s servers and network, and it provides clear advice on how to fix any security vulnerabilities.

Training and staff awareness

Staff awareness

This interactive e-learning course is designed to increase employees’ awareness of the PCI DSS requirements and to ensure that all employees are taking the correct steps to protect themselves, the organisation and customers.

PCI training courses

We offer training courses (both classroom and in-house) for all staff, from foundation-level to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.


PCI DSS Documentation Toolkit

The IT Governance PCI DSS Documentation Toolkit provides an extensive list of policies and forms appropriate for the PCI DSS. The toolkit also includes a set of project management tools, such as a document checker, a gap analysis tool and several other resources to help with the implementation of your PCI project.

How IT Governance can help you

Our services provide a tailored route to PCI compliance, scalable to your budget and needs.

We go further than a simple ‘yes/no’ approach to better understand how security measures work.

We work in partnership to help you understand what is required and why.

We can offer expertise to vet compensating controls and make sure they are adequate.

Companies using our PCI DSS products and services:

"IT Governance were very professional and pragmatic in their approach, and displayed a level of understanding of our business that we found unique and refreshing.” 

Damien Everard, COO of Appletree.

Speak to an expert

We have a team of account managers and security consultants to discuss your PCI DSS challenges. Get in touch with one of our specialists today for further infromation, or to get a tailored quote for your organisation.