PGI is a Qualified Security Assessor (QSA) company, authorized by the PCI Security Standards Council to assess compliance with the PCI DSS 3.2 standard, mandatory since April 2016. Our world-class Security Consultants have also been assessed and trained by PCI SSC to carry out client assessments and offer advice to companies who handle card data. Whether your company is a large multinational corporation or an SME, PGI can help you meet the PCI DSS requirements. PGI offers four main services which guide an organization through the whole compliance journey or just a part of it, depending on your specific prerequisites.
What we offer to protect you
PGI can provide PCI DSS-related advice and guidance on a range of requirements. If you are just starting on your compliance journey, PGI’s qualified consultants can, for example, provide training and awareness workshops, and validate the scope of your cardholder data environment and the level of acquirer reporting (SAQ or ROC) you will need to complete.
Additionally, we can provide compliance advice on the implementation of specific controls (such as FIM, IDS, WAF, and system configuration hardening), as well as strategies for reducing scope and compliance liability (such as tokenization, P2PE, and use of third-party service providers).
The PCI Gap Analysis service is a process by which PGI’s Security Consultants conduct a thorough analysis of a client’s organization with a view to assessing whether they fulfil the PCI standard and to identifying any necessary remediation.
The process usually involves site visits to work through a series of workshops and meetings, resulting in an all-inclusive report on the organization’s current PCI compliance state, as well as on the remediation measures needed to fully meet the requirements.
In order to remain PCI DSS compliant, companies must also undergo the mandatory testing requirements incorporated under the PCI Testing Services umbrella. Mandatory testing requirements, such as vulnerability and penetration tests, are daily, periodic, quarterly and annual.
At PGI, we offer the full spectrum of PCI Testing Services, making it easier for your organisation and staff to complete the PCI compliance journey with minimum effort and headache.
The PCI DSS Audit and Report on Compliance service offered by PGI is aimed at Level 1 Merchants and Service Providers for their annual Report on Compliance (ROC), which must be completed by a Qualified PCI QSA Company/Consultant.
At the end of the process, the Consultant will also produce an Attestation of Compliance (AOC) to be signed by both the QSA conducting the audit and the Executive Officer of the company being audited.