PCI DSS Gap Analysis
Our PCI DSS Gap Analysis is a review of an organisations Cardholder Data Environment (CDE), against the latest version of the standard. Performed during the early phases of PCI Compliance, it enables an organisation to quickly measure the effort and actions required to reach a compliant state. This is a crucial step for organisations preparing for a PCI DSS Assessment for the first time, or organisations building a PCI Remediation Programme.
Fast Track Your PCI DSS Compliance
Request a free PCI DSS Compliance Program consultation.
Our consultants will perform the review through performing on-site and remote interviews with staff members and documentation review. We then provide you with a detailed report documenting your current compliance status and any gaps identified aligned against the PCI DSS Standard.
- Provides you a snapshot of PCI DSS compliance
- Identifies areas requiring immediate attention, and cost effective remediation solutions, in prioritised terms.
- Provides you the awareness of your companies’ ability to comply with any new release of the standard, such as PCI DSS 3.0
- Assists with PCI Compliance Programme cost forecasting, and budget justification.
Step 1: Pre- Assessment Phase (Off Site)
- Meeting with key staff members
- Provide walkthrough of assessment activities, and agree roles
Step 2: PCI Business Process Review Phase
- Walkthrough of Card Holder Data Environment, and documentation of components
- Review of policies, standards, procedures and processes
Step 3: PCI Controls Analysis Phase
- Findings and observations of current security controls,
- Gap analysis of controls against the PCI DSS Requirements
Step 4: Reporting Phase
- Preparation of PCI Compliance Gap Analysis Report
- Presentation of findings and strategic recommendations
- Total: 3- 5 days
- Onsite: 1- 3 days
- Remote: 1-2 days
- Executive Summary Report– (including overall statement of compliance, and high level overview)
- PCI DSS 3.2 Controls Analysis– (Compliant, Partially Compliant or Non-Compliant Status)
- Strategic Remediation Actions– Detailed set of recommendations, and options for remediation to move toward a fully compliant state
Speak with us today, to learn how we can help you measure the gaps, and the steps to take to achieve and maintain PCI DSS Compliance.