Our PCI services and solutions

IT Governance is uniquely qualified to provide Payment Card Industry (PCI) services. 

Our range of consultancy, technical security, software and training services help organisations meet and exceed the requirements of the PCI Data Security Standard (PCI DSS).

We can work with your organisation to implement suitable solutions that will enable you to reduce your risks and ensure compliance with the PCI DSS.

Our PCI DSS services include:

Support contract

PCI Compliance and Support Contract for the Smaller Business

Our PCI DSS support contract for SMEs is a cost-effective, all-inclusive PCI DSS assistance programme that brings together policies and procedures, approved quarterly scans and staff training resources with our expert online consultancy support and advice, at a price that you can afford.


Live Online Consultancy

Our Live Online Consultancy service enables you to purchase consultancy support by the hour. Enabling you to receive the expert PCI consultancy support you need quickly and cost-effectively.

PCI SAQ validation

A PCI DSS SAQ validation service will help you identify the right SAQ to complete and provide the appropriate support and advice to achieve full PCI DSS compliance to complete your SAQ with ease. 

PCI gap analysis

A PCI gap analysis conducted by an IT Governance QSA will map critical information processes and technical infrastructure. By assessing your current state of compliance, we can outline the most cost-effective approach to meeting the PCI DSS obligations.

PCI implementation and continual improvement

A PCI DSS remediation service conducted by an IT Governance QSA can help manage your team’s PCI DSS remediation efforts, delivering a plan to reach full compliance and that demonstrates efficient use of budget and resources.

PCI Compliance Audit and ROC

A PCI audit conducted by an IT Governance QSA provides a thorough assessment of the controls you have implemented, establishes whether they meet the requirements of the Standard and attests that your organisation is in full compliance.

Technical security

PCI compliance penetration testing

Requirement 11 of the PCI DSS describes the need for regular security testing. Our PCI compliance penetration tests aim to assess your security systems, public-facing devices and systems, databases and other systems that store, process or transmit cardholder data to discover your vulnerabilities before cyber criminals do.

PCI ASV scanning

Our HackerGuardian scanning service performs highly accurate scanning of your externally facing systems as required by the PCI DSS. It runs more than 60,000 tests on your organisation’s servers and network and provides clear advice on how to fix any security vulnerabilities.

Training and staff awareness

Staff awareness

This interactive e-learning course is designed to increase employees’ awareness of the Payment Card Industry Data Security Standard (PCI DSS) requirements, and to ensure that all employees are taking the correct steps in protecting themselves, their organisation and their customers.

PCI training courses

We offer training courses (both classroom and in-house) for all staff, from foundation-level to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.


PCI DSS Documentation Toolkit

The IT Governance PCI DSS Documentation Toolkit provides organisation with an extensive list of policies and forms appropriate for the PCI DSS. The toolkit also includes a set of project management tools, such as a document checker, a gap analysis tool and several other resources to help with the implementation of your PCI project.

Why choose IT Governance for PCI consultancy?

Our services provide a tailored route to PCI compliance, scalable to your budget and needs.

We go further than a simple ‘yes/ no’ approach to understand better how security measures work.

We work in partnership to help you understand what is required and why giving you control.

We can offer expertise to vet compensating controls and determine whether they are acceptable.

Companies using our PCI DSS products and services:

"IT Governance were very professional and pragmatic in their approach, and displayed a level of understanding of our business that we found unique and refreshing.” 

- Damien Everard, COO of Appletree.

Speak to an expert

We have a team of account managers and security consultants to discuss your PCI DSS challenges. Get in touch with one of our specialists today for further information, or to get a tailored quote for your organisation. 

SAVE 25%