PCI QSA Qualified Security Assessor

Payment Card Industry Compliance Delivered by Certified Experts

Gap Analysis

Our experienced PCI DSS QSA team will assess each payment channel, accurately positioning your organisation against the PCI DSS standard. You will receive a report detailing current strengths and weaknesses, alongside actionable and proportionate recommendations.

Your gap analysis will typically consist of four key phases: a pre-assessment, a process review, a technical control analysis, and the write-up. Throughout this time, our security assessors will evaluate policies, processes, and procedures, as well as observing and testing security controls and associated technical documentation.

Ultimately, this project aims to provide tactical and strategic recommendations that give your organisation the information needed to minimise the risk of non-compliance.

Help With Remediation

Our PCI DSS QSA team are on-hand to guide you through the remediation process, working closely with your technical and business teams to implement proportionaterisk-based, and compliant fixes.

Our aim is to be a trusted advisor who works closely with your team to help you to understand the letter and intent of each PCI requirement and control objective.

Report on Compliance

Our Report on Compliance (ROC) service is designed for Level 1 and Level 2 merchants and is performed by one of our Qualified Security Assessors.

This is an in-depth service and rigorous examination of the Payment Card Industry Data Security Standard spanning 400 individual controls.

Your assigned consultant will work with you to accurately validate your scope, before conducting thorough testing activities on your systems and infrastructure.  Your assessment will result in a formal report that attests to your compliance with the PCI DSS standard.

Contact Us

Send us a Message

Data Protection Project
GDPR Gap Analysis/Audit/Review
Outsourced Privacy Officer/DPO
Support Desk
SAR Support
Cyber Maturity Assessment
NIS Regulations
Information Governance Documentation
DataWise System

We are always happy to make contact with you by either phone, email or a face to face meeting at our office or yours. We work standard UK office hours – every week day 0830 to 1730.

Latest Articles

to DPIA or not to DPIA

What is a DPIA? A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project.... Read MoreI

GDPR Radio – News & Views

During today’s session of GDPR Radio, we discussed the news of the week from the world of Data Protection. We kicked off the webinar by... Read MoreI

What is the Freedom of Information Act?

The Freedom of Information Act 2000 (FOI) provides the public with access to information held by public authorities. The FOI requires public authorities to publish... Read MoreI

skills shortage in the privacy space?

I’ve been reading about skills shortages in the news: HGV drivers, chefs, fruit pickers… and now that we have come to advertise several new posts... Read MoreI

Data Retention – Best Practices, Examples & More

We kicked off this session by discussing the news of the week, we spoke about online racism, Matt Hancock, wealth screening, ICO fines and more.... Read MoreI

GDPR Radio – News & Views

We host GDPR Radio every other Friday between 12:30-13:30, it’s a laid back, collaborative session where we discuss recent news, share our views and answer... Read MoreI