

What is PCI DSS?

PCI DSS is a proprietary information security standard for any organisation that processes, transmits or stores cardholder information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data and so reduce credit card fraud arising from its exposure.

The level of PCI compliance a company needs to meet depends on the number of card transactions it carries out annually. Merchant Levels are set by the big 5 card companies (Visa, MasterCard, JCB, Discover and American Express), are administered by the merchant’s bank and are dependent solely on transaction volumes.

How can PGI help my organization become PCI DSS compliant?

PGI is a Qualified Security Assessor (QSA) authorized by the PCI Security Standards Council to assess compliance to the PCI DSS 3.1 standard, mandatory since April 2015. Our world-class Security Consultants have also been assessed and trained by PCI SSC to carry out client assessments and offer advice to companies who handle card data. Whether your company is a large multinational corporation or an SME, PGI can help you meet the PCI DSS requirements.

PGI offers four main services which guide an organization through the whole compliance journey or just a part of it, depending on your specific prerequisites.

1. PCI Compliance Advice Service

The PCI Compliance Advice Service is aimed at all merchants and service providers who need help in demystifying the standard and how it applies to their organization.

Our world-class Security Consultants will assess the needs of your organization and provide cost-effective advice on the following:

  • Reducing the scope of your PCI compliance requirement;
  • Completing the Self-Assessment Questionnaire (SAQ) relevant to your business type;
  • Guiding you along the complex process of PCI DSS compliance.

2. PCI Gap Analysis

The PCI Gap Analysis service is a process by which PGI’s Security Consultants conduct a thorough analysis of a client’s organization with a view to assessing whether they fulfil the PCI standard and to identifying any necessary remediation. The process usually involves site visits to work, a series of workshops and results in an all-inclusive report on the organization’s current PCI compliance state, as well as on the remediation measures needed to fully meet the requirements.

3. PCI DSS Audit and Report on Compliance

The PCI DSS Audit and Report on Compliance service offered by PGI is aimed at Level 1 Merchants and Service Providers for their annual Report on Compliance (ROC) which must be completed by a Qualified PCI QSA Company/Consultant.

At the end of the process, the Consultant will also produce an Attestation of Compliance (AOC) to be signed by both the QSA conducting the audit and the Executive Officer of the company being audited.

4. PCI DSS Testing and Monitoring Service

In order to remain PCI DSS compliant, companies must also undergo the mandatory testing requirements incorporated under the PCI Testing Services umbrella.

Mandatory testing requirements such as vulnerability and penetration tests are daily, periodic, quarterly and annual.

At PGI, we offer the full spectrum of PCI Testing Services, making it easier for your organisation and staff to complete the PCI compliance journey with minimum effort and headache.

In addition to the three main services which can help your organization acquire the PCI DSS certification, PGI also offers:

  • Penetration Testing;
  • ASV;
  • Network Security Monitoring.

For more information on PCI DSS, Visa Europe Merchant Levels and our services, download the PCI DSS complete service sheet.

Call us now

Call us now to discuss your requirements with one of our consultants.