Almost all organisations that implement the Payment Card Industry Data Security Standard (PCI DSS) struggle with the scope of the applicability....
In this blog, we address one of the big questions facing organisations which accept payment cards....
In recent blogs, we have focused on how best to ensure you comply with the PCI Data Security Standard....
While it’s one of the areas that IT and security departments find challenging, documentation (and compliant evidence)....
As a Payment Card Industry Qualified Security Assessor (PCI QSA) company, we are often asked by organisations which process card payments....
There’s no getting away from the fact that preparing for a PCI DSS ROC can be a bit of a trial....
In this blog, we turn our attention to service providers. The PCI Security Standards Council defines a service provider....
We are often asked, both by those new to PCI DSS and those who have been involved for a while....
For an organisation to achieve and maintain compliance to the Payment Card Industry Data Security Standard (PCI DSS)....
In this article, we aim to clarify what requirements the Payment Card Industry Data Security Standard (PCI DSS) places around....
In our previous blog, we looked at where your PCI compliance journey starts. The first step is understanding the flow of your payment card data....
Often referred to as the PCI DSS or quite simply PCI, the Standard was developed by the founding payment brands....
The Payment Card Industry Security Standards Council (PCI SSC) defines scoping as “the process of identifying all system components....
PCI remediation is an essential activity for any organisation wishing to fully comply.....
We address a number of key questions: What are the Main Contents? What Led to it Being Published? And others.
After several years wait, and to surprisingly little fanfare, the PCI SSC released the new version of the PCI Data Security Standard (DSS).
URM can conduct penetration tests on mobile apps that are deployed to either Apple IOS or Android devices, typically against the OWASP MASVS, but also under the CREST OVS framework where required.
URM has developed a web-based learning management system, Alurna, which can be used to raise awareness of information security threats such as phishing.
URM can offer a host of consultancy services to help you managing DSARs, DPIAs ROPAs, privacy notices, data retention schedules and training programmes.