PCI DSS v4 – Changes at a Glance
Latest update:
2 Sep
2022

After several years wait, and to surprisingly little fanfare, the Payment Card Industry Security Standards Council (PCI SSC) released the new version of the PCI Data Security Standard (DSS) ...

Read more
Man behind the laptop
PCI DSS 
updateD:
24/8/2022
PCI SSC Remote Assessment Guidelines and Procedures

The PCI SCC has recently released a new remote assessment guidelines and procedures. Here we address a number of key questions: What are the Main Contents? What Led to it Being Published? And others.

PCI DSS 
updateD:
9/8/2022
5 Ways to Reduce Your PCI DSS Scope

Almost all organisations that implement the Payment Card Industry Data Security Standard (PCI DSS) struggle with the scope of the applicability of the Standard. Even veterans of PCI DSS compliance...

PCI DSS 
updateD:
9/8/2022
PCI DSS: Pros and Cons of Outsourcing

In this blog, we address one of the big questions facing organisations which accept payment cards and are looking to comply with the PCI DSS. Should we outsource the storing, processing and...

PCI DSS 
updateD:
9/8/2022
Benefits of PCI DSS Compliance

In recent blogs, we have focused on how best to ensure you comply with the PCI Data Security Standard. However, this week we will look at what the benefits are of achieving and maintaining compliance…

PCI DSS 
updateD:
8/8/2022
PCI Policies, Procedures and Evidence – What is expected?

While it’s one of the areas that IT and security departments find challenging, documentation (and compliant evidence) is what makes for a happy and satisfied PCI Qualified Security Assessor (QSA)...

PCI DSS 
updateD:
8/8/2022
Top 5 common pitfalls of PCI DSS compliance

As a Payment Card Industry Qualified Security Assessor (PCI QSA) company, we are often asked by organisations which process card payments what are main pitfalls to avoid in complying with...

PCI DSS 
updateD:
8/8/2022
Preparing for a Report on Compliance (ROC)

There’s no getting away from the fact that preparing for a PCI DSS ROC can be a bit of a trial, and particularly for those who are experiencing their first visit from a QSA. Like most trials...

PCI DSS 
updateD:
5/8/2022
What Are the Service Provider Levels

In this blog, we turn our attention to service providers. The PCI Security Standards Council defines a service provider a ‘business entity that is not a payment brand, directly involved in the...

PCI DSS 
updateD:
5/8/2022
What Are the Merchant Levels

We are often asked, both by those new to PCI DSS and those who have been involved for a while, what is the difference between a merchant and a service provider, what are the ‘levels’ and what do...

PCI DSS 
updateD:
5/8/2022
PCI DSS compliance as BAU (business as usual)

For an organisation to achieve and maintain compliance to the Payment Card Industry Data Security Standard (PCI DSS), the Payment Card Industry Security Standard Council (PCI SSC) encourages...

PCI DSS 
updateD:
5/8/2022
Can I Store Cardholder Data?

In this article, we aim to clarify what requirements the Payment Card Industry Data Security Standard (PCI DSS) places around the protection of cardholder data (CHD) and, in particular, sensitive...

PCI DSS 
updateD:
5/8/2022
How can URM help you to achieve PCI compliance and what is our approach?

In our previous blog, we looked at where your PCI compliance journey starts. The first step is understanding the flow of your payment card data – by that we mean where payment card information...

PCI DSS 
updateD:
5/8/2022
PCI DSS – The Payment Card Data Security Standard – What is it?

Often referred to as the PCI DSS or quite simply PCI, the Standard was developed by the founding payment brands of the PCI Security Standards Council (SSC), including MasterCard Worldwide, Visa...

PCI DSS 
updateD:
5/8/2022
PCI DSS Reduction and Assessment

The Payment Card Industry Security Standards Council (PCI SSC) defines scoping as “the process of identifying all system components, people, and processes to be included in a PCI DSS assessment to...

PCI DSS 
updateD:
4/8/2022
PCI DSS Remediation and Implementation

PCI remediation is an essential activity for any organisation wishing to fully comply with the applicable 12 technical and operational control requirements of the PCI DSS. Whilst many PCI remediation

PCI DSS 
updateD:
4/8/2022
PCI DSS Gap Analysis

URM’s PCI DSS gap analysis service is aimed at those organisations which are looking to benchmark their current corporate information security practices (relating to payment card data) against...

"
Moving from our existing Pen Testers after 10 years was a difficult decision but I am really glad we did. It's been a pleasure working with you. The Pen Testing was extremely thorough and as hoped you were open to a collaborative deeper delve, far beyond what we were required to do for PCI DSS, which has been very useful.
Payment Service Provider
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.