PCI DSS

Laptop and Secure Banking Device PINsentry
PCI DSS v4 – Changes at a Glance
Latest update:
2 Sep
2022

After several years wait, and to surprisingly little fanfare, the Payment Card Industry Security Standards Council (PCI SSC) released the new version of the PCI Data Security Standard (DSS) ...

Read more
Man behind the laptop
PCI SSC Remote Assessment Guidelines and Procedures
Latest update:
24 Aug
2022

The PCI SCC has recently released a new remote assessment guidelines and procedures. Here we address a number of key questions: What are the Main Contents? What Led to it Being Published? And others.

Read more
5 Ways to Reduce Your PCI DSS Scope
Latest update:
9 Aug
2022

Almost all organisations that implement the Payment Card Industry Data Security Standard (PCI DSS) struggle with the scope of the applicability of the Standard. Even veterans of PCI DSS compliance...

Read more
Information Security
updateD:
9/8/2022
PCI DSS: Pros and Cons of Outsourcing

In this blog, we address one of the big questions facing organisations which accept payment cards and are looking to comply with the PCI DSS. Should we outsource the storing, processing and...

Information Security
updateD:
9/8/2022
Benefits of PCI DSS Compliance

In recent blogs, we have focused on how best to ensure you comply with the PCI Data Security Standard. However, this week we will look at what the benefits are of achieving and maintaining compliance…

Information Security
updateD:
8/8/2022
PCI Policies, Procedures and Evidence – What is expected?

While it’s one of the areas that IT and security departments find challenging, documentation (and compliant evidence) is what makes for a happy and satisfied PCI Qualified Security Assessor (QSA)...

Information Security
updateD:
8/8/2022
Top 5 common pitfalls of PCI DSS compliance

As a Payment Card Industry Qualified Security Assessor (PCI QSA) company, we are often asked by organisations which process card payments what are main pitfalls to avoid in complying with...

Information Security
updateD:
8/8/2022
Preparing for a Report on Compliance (ROC)

There’s no getting away from the fact that preparing for a PCI DSS ROC can be a bit of a trial, and particularly for those who are experiencing their first visit from a QSA. Like most trials...

Information Security
updateD:
5/8/2022
What Are the Merchant Levels

We are often asked, both by those new to PCI DSS and those who have been involved for a while, what is the difference between a merchant and a service provider, what are the ‘levels’ and what do...

Information Security
updateD:
5/8/2022
PCI DSS compliance as BAU (business as usual)

For an organisation to achieve and maintain compliance to the Payment Card Industry Data Security Standard (PCI DSS), the Payment Card Industry Security Standard Council (PCI SSC) encourages...

Information Security
updateD:
5/8/2022
Can I Store Cardholder Data?

In this article, we aim to clarify what requirements the Payment Card Industry Data Security Standard (PCI DSS) places around the protection of cardholder data (CHD) and, in particular, sensitive...

Information Security
updateD:
5/8/2022
How can URM help you to achieve PCI compliance and what is our approach?

In our previous blog, we looked at where your PCI compliance journey starts. The first step is understanding the flow of your payment card data – by that we mean where payment card information...

Information Security
updateD:
5/8/2022
PCI DSS – The Payment Card Data Security Standard – What is it?

Often referred to as the PCI DSS or quite simply PCI, the Standard was developed by the founding payment brands of the PCI Security Standards Council (SSC), including MasterCard Worldwide, Visa...

Information Security
updateD:
5/8/2022
PCI DSS Reduction and Assessment

The Payment Card Industry Security Standards Council (PCI SSC) defines scoping as “the process of identifying all system components, people, and processes to be included in a PCI DSS assessment to...

Information Security
updateD:
4/8/2022
PCI DSS Remediation and Implementation

PCI remediation is an essential activity for any organisation wishing to fully comply with the applicable 12 technical and operational control requirements of the PCI DSS. Whilst many PCI remediation

Information Security
updateD:
4/8/2022
PCI DSS Gap Analysis

URM’s PCI DSS gap analysis service is aimed at those organisations which are looking to benchmark their current corporate information security practices (relating to payment card data) against...

"
Moving from our existing Pen Testers after 10 years was a difficult decision but I am really glad we did. It's been a pleasure working with you. The Pen Testing was extremely thorough and as hoped you were open to a collaborative deeper delve, far beyond what we were required to do for PCI DSS, which has been very useful.
Payment Service Provider
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.