PCI DSS Services for Small and Medium Sized Organisations

Supporting small businesses to secure card data

Our  PCI DSS support contract for SMEs is a cost-effective, all-inclusive PCI DSS assistance programme for merchants needing to complete an annual self-assessment questionnaire (SAQ). It includes PCI policies and procedures, approved quarterly scans, staff training resources and expert online consultancy support and advice at an affordable price. Purchasing this service makes PCI certification quick and simple and significantly reduces the effort (and cost) spent on keeping your business PCI-compliant.

Our Compliance and Support Contract package includes:

Expert advice and assistance

As an approved Qualified Security Assessment (QSA) company, we can help you identify the right SAQ to complete and provide the appropriate support and advice to achieve full compliance with the PCI DSS. You will have direct access to our QSA team, providing the support you need as and when you require it.

  • Get expert QSA assistance with the SAQ and other requirements.
  • Determine the gaps between your compliance efforts and the Standard.

An online PCI SAQ

An SAQ is a document that merchants processing less than 6 million transactions annually are required to complete every year and submit to their acquiring bank. Taking the SAQ with us is the quickest way to find out what you need to do to become PCI compliant, with expert help at every stage.

  • Our intuitive web-based application guides merchants through every step of the PCI SAQ.
  • Each question is accompanied by expert advice to help the merchant interpret and appropriately answer each question.

PCI project implementation tools and policies

Designed by a leading QSA, our documentation toolkit contains all the expert guidance, advice and fully customisable documentation templates you will need to keep your payment card operations running smoothly and securely. It contains:

  • A gap analysis tool, which will help organisations set their perimeters and identify the scope of the project; and
  • All the policies and work instructions you need to achieve compliance with the Standard.

Vulnerability scans

Our Vulnerability Scanning Service is a vulnerability assessment scanning solution designed to identify website vulnerabilities and, where relevant, to achieve and maintain PCI compliance. Website and network administrators have complete control over their scanning service and use a secure online console to schedule and run scans.

  • Run scans easily and get the reports you need to submit for PCI compliance.
  • Backed by Comodo, a PCI Approved Scanning Vendor (ASV).

Why buy the PCI DSS support contract for SMEs?

  • Responsive service - IT Governance is an authorised QSA (Qualified Security Assessor) and regularly performs on-site audits for a variety of clients across multiple sectors. We can advise you on the most challenging aspects of PCI DSS compliance, tailored to your business needs and budget. We are not associated with any product vendor and all our advice is independent.
  • Save time and money - The PCI DSS Documentation Toolkit provides a complete set of easy-to-use, customisable and fully PCI-compliant documentation templates, and helpful project tools to ensure complete coverage of the Standard.
  • Become your own expert - In addition to ASV scanning, we have a number of other tools, including: 
    • A gap analysis tool to check your organisation’s progress towards compliance;  
    • A PCI dashboard to keep track of all your documents in one place; and  
    • A document analysis tool to ensure all required documentation is created. 

How IT Governance can help you

Personalised approach 

We go further than a simple ‘yes/no’ approach to better understand how security measures work.

Professional advice

We work in partnership with your organisation to help you understand what is required and why.

Tailored packages

Our services provide a tailored route to PCI compliance, scalable to your budget and needs.

Delivered by experts

We can offer expertise to vet compensating controls and make sure they are adequate.

top
SAVE 25% ON
FOUNDATION
TRAINING