About

If you are working to the Payment Card Industry Data Security Standard you will appreciate the amount of work required to develop policies. It is simply not enough to say that you do - or don't - operate in a certain way. The PCI DSS expects that you also demonstrate how you meet PCI compliance.

Our suite of policy and procedural documents has been designed to do just that - to detail not just what you do but how you do it.

Our pack has been developed over a period of three years by our team of experienced Qualified Security Assessors. During our many QSA engagements in the field, we were seeing quality of documentation as a major compliance obstacle for both large and small clients.

In cases where clients had policy statements for card processing operations, there was usually limited or no procedural information to show how the cardholder data environment was developed or maintained.

With this in mind, we set to work to create a suite of documentation that would fully cross reference the PCI DSS and drill to the required level of procedural detail. Our objective was to create a suite of documentation that, with the minimum of customisation, would fully satisfy the PCI DSS.

Our pack has been successfully shipped to customers in many countries. The pack has been designed to be customised by clients, however customers can use our audit team to assist them develop bespoke procedural guides.

Customers, large and small, have successfully implemented our pack - drastically reducing the time and effort to meet the demands of the PCI DSS. Clients include local government, retailers, financial institutions and payment service providers.

For more information on the structure and contents of the documentation suite, please see the contents page.