PCI for Small and Medium-Sized Businesses
Our PCI support contract brings expert consultancy support and advice, policies and procedures, approved quarterly scans and staff training resources together at an affordable price.
Supporting small businesses to secure card data.
Our PCI DSS support contract for SMEs is a cost-effective, all-inclusive PCI DSS assistance programme for merchants needing to complete an annual self-assessment questionnaire (SAQ). It includes PCI policies and procedures, approved quarterly scans, staff training resources and expert online consultancy support and advice at an affordable price. Purchasing this service makes PCI certification quick and simple and significantly reduces the effort (and cost) spent on keeping your business PCI-compliant.
The package includes:
Expert advice and assistance
As an approved Qualified Security Assessment (QSA) company, we can help you identify the right SAQ to complete and provide the appropriate support and advice to achieve full compliance with the PCI DSS. You will have direct access to our QSA team, providing the support you need as and when you require it.
- Get expert QSA assistance with the SAQ and other requirements.
- Determine the gaps between your compliance efforts and the Standard.
An online PCI SAQ
An SAQ is a document that merchants processing less than 6 million transactions annually are required to complete every year and submit to their acquiring bank. Taking the SAQ with us is the quickest way to find out what you need to do to become PCI compliant, with expert help at every stage.
- Our intuitive web-based application guides merchants through every step of the PCI SAQ.
- Each question is accompanied by expert advice to help the merchant interpret and appropriately answer each question.
PCI project implementation tools and policies
Designed by a leading QSA, our documentation toolkit contains all the expert guidance, advice and fully customisable documentation templates you will need to keep your payment card operations running smoothly and securely. It contains:
- A gap analysis tool, which will help organisations set their perimeters and identify the scope of the project; and
- All the policies and work instructions you need to achieve compliance with the Standard.
HackerGuardian vulnerability scans
Our HackerGuardian Scanning Service is a vulnerability assessment scanning solution designed to identify website vulnerabilities and, where relevant, to achieve and maintain PCI compliance. Website and network administrators have complete control over their scanning service and use a secure online console to schedule and run scans.
- Run scans easily and get the reports you need to submit for PCI compliance.
- Backed by Comodo, a PCI Approved Scanning Vendor (ASV).
Why buy the PCI DSS support contract for SMEs?
- Responsive service - IT Governance is an authorised QSA (Qualified Security Assessor) and regularly performs on-site audits for a variety of clients across multiple sectors. We can advise you on the most challenging aspects of PCI DSS compliance, tailored to your business needs and budget. We are not associated with any product vendor and all our advice is independent.
- Save time and money - The PCI DSS Documentation Toolkit provides a complete set of easy-to-use, customisable and fully PCI-compliant documentation templates, and helpful project tools to ensure complete coverage of the Standard.
- Become your own expert - In addition to ASV scanning, we have a number of other tools, including:
- A gap analysis tool to check your organisation’s progress towards compliance;
- A PCI dashboard to keep track of all your documents in one place; and
- A document analysis tool to ensure all required documentation is created.
Why choose IT Governance for PCI consultancy?
Our services provide a tailored route to PCI compliance, scalable to your budget and needs.
We go further than a simple ‘yes/ no’ approach to understand better how security measures work.
We work in partnership to help you understand what is required and why giving you control.
We can offer expertise to vet compensating controls and determine whether they are acceptable.
Speak to an expert
For more information about the PCI DSS and what your organisation needs for compliance, please get in touch with one of our experts, who will be able to advise you further.