PCI for Small and Medium-Sized Businesses
The Payment Card Industry Data Security Standard (PCI DSS) applies to all organisations that transmit, process or store payment card data. Although the Standard is technically complex to implement, it is based on common information security practices.
To prove they meet the 12 requirements and, in turn, achieve compliance, the majority of small merchants can fill in a self-assessment questionnaire (SAQ). But it’s helpful to have the guidance of PCI experts in your corner to ensure your responses are in line with each requirement.
Supporting you to successfully complete an SAQ
Our cost-effective, all-inclusive PCI DSS assistance programme is ideal for SMEs needing to complete an annual SAQ. The service includes approved quarterly scans, staff training resources, PCI policies and procedures, and expert online consultancy support and advice, making PCI certification fast and simple. Keep your business PCI-compliant while significantly reducing your effort and cost.
View our PCI DSS support contract for SMEs
If you’re a smaller organisation, our PCI Compliance and Support Contract brings PCI policies and procedures, approved quarterly scans and staff training resources together with our expert online consultancy support and advice, at an affordable price.
This affordable package includes:
Expert advice and assistance
As an approved Qualified Security Assessment (QSA) company, we can help you identify the right SAQ to complete and provide the appropriate support and advice to achieve full compliance with the PCI DSS. You will have direct access to our QSA team, providing the support you need as and when you require it.
- Get expert QSA assistance with the SAQ and other requirements.
- Determine the gaps between your compliance efforts and the Standard.
The online PCI Self Assessment Questionnaire (SAQ)
The SAQ is a document that merchants are required to complete every year and submit to their Acquiring Bank. Taking the SAQ with us is the fastest way to find out what you need to do to become PCI compliant, with expert help at every stage along the way.
- Our intuitive web-based application guides merchants through every step of the PCI SAQ.
- Each question is accompanied by expert advice to help the merchant interpret and answer it appropriately.
PCI project implementation tools and policies
Our PCI DSS Documentation Toolkit gives you all the tools and document templates you need to comply with the PCI DSS. Designed by a leading QSA, this toolkit contains all the expert guidance, advice and fully customisable documentation templates you will need to keep your payment card operations running smoothly and securely. It contains:
- A gap analysis tool, which will help organisations to set their perimeters and identify the scope of the project.
- All the policies and work instructions you need to achieve compliance with the Standard.
- A document checker so that you can quickly and easily select the appropriate policy from the toolkit and edit it to best reflect your environment.
HackerGuardian vulnerability scans
Our HackerGuardian Scanning Service is a vulnerability assessment scanning solution designed to identify website vulnerabilities and, where relevant, to achieve and maintain PCI compliance. Website and network administrators have complete control over their scanning service and use a secure online console to schedule and run scans.
- Run scans easily and get the reports you need to submit for PCI compliance.
- Backed by Comodo, a PCI Approved Scanning Vendor (ASV).
10% discount on staff awareness and training courses
The PCI DSS requires merchants and service providers to implement a formal security awareness programme and ensure employees understand the importance of handling cardholder data securely. IT Governance’s security awareness and training courses range from increasing your employees' knowledge of the PCI DSS to providing comprehensive and practical coverage of all aspects of implementing a compliance programme.
Why buy the PCI DSS support contract for SMEs
Responsive service
As an authorised QSA, we can advise on challenging aspects of the PCI DSS. We are continually performing on-site audits for a wide range of clients across different industries. If you have questions about PCI compliance, we’ll provide you with the answers quickly and efficiently, and offer solutions scalable to your business and budget. We provide independent advice and have no allegiance with product vendors.
Save time and money
The PCI DSS Documentation Toolkit is ideal for any small or medium-sized business that deals with payment card data because it lets you take advantage of QSA knowledge and guidance to accelerate your PCI DSS compliance project. It’s basically a shortcut through the documentation, with extra features to streamline the rest of the process.
Become your own expert
In addition to ASV scanning, you’ll be able to take advantage of a number of tools, including a gap analysis tool to check your organisation’s progress towards compliance; a PCI document dashboard to keep track of all your documents from one place; and a document analysis tool to ensure all required documentation is in place.
Speak to an expert
Please contact us for further information or to speak to an expert.