PCI DSS

The security of payment card data is governed by the Payment Card Industry Data Security Standard or PCI DSS. This affects the people, processes and technologies which are involved with the capture, storage, processing and transmission of payment card data.

Leveraging experience within the card payments market space, One Compliance's Qualified Security Assessors (QSAs) take an approach to PCI DSS which reduces both the risk to cardholder data and the ongoing cost of maintaining PCI DSS compliance. This is based on the simple fact that risk to cardholder data is minimised by outsourcing key areas of cardholder data capture, storage, processing and transmission, and then by isolating any remaining system components which can affect the security of cardholder data.

One Compliance do not over-complicate the process to meet the standard. The most successful and cost-effective method of achieving PCI DSS is to:

Review the options that are available to you to remove from scope the people, processes and technologies that do not need to be there

Ensure any remaining controls are addressed appropriately and can be assessed

Conduct the assessment

Ensure procedures are in place to maintain PCI DSS compliance on an ongoing basis

One Compliance offer the following services:

PCI DSS Options analysis

Guidance on scope reduction

PCI DSS Gap Analysis

Review of the implementation of applicable PCI DSS controls

PCI DSS Prioritised Approach

Review of applicable controls and completion of the Prioritised Approach worksheet for the acquiring bank

PCI DSS Assessment

Formal audit of all applicable controls and production of the Report on Compliance and Attestation of Compliance

SAQ Assistance

Review of applicable SAQ controls and submission to the acquiring bank

Acquiring bank negotiation

We are happy to have a conversation with your acquiring bank in order to help negotiate extensions to deadlines

contact@onecompliance.co.uk

+44 (0) 020 3855 0895