PCI Scoping Workshop

What is it?

A PCI scoping workshop is the first and most important step in the PCI DSS compliance process. It goes through all Payment Card Industry Data Security Standard (PCI DSS) payment channels currently in operation.

It is a review designed to identify all applicable compliance activities and required reporting. If you’re not aware of your payment channels or don’t fully understand them, you can’t protect them.

The scoping workshop may also be repeated after significant change to an environment or following the release of an updated version of PCI DSS.

How does it work?

We hold review sessions with relevant people in your organisation to identify the payment channels currently in operation.

We will then map those payment channels to specific PCI control requirements.

Any in-scope third-party service providers (TPSPs) may also need to provide information. If there is a significant number of controls covered by a TPSP, it may be advisable to have a representative onsite or booked for a call the same day.

Benefits

This service is recommended to ensure the correct support is provided.

It can reduce your compliance burden, because we recommend changes and simplifications as part of the process.

Ensures you are meeting all applicable PCI DSS requirements and reporting obligations.

It can minimise compliance requirements where de-scoping or other recommendations are identified.

Why choose us?

We will help you at the start of your PCI journey or when there are operational changes or updates to standards.

Our Qualified Security Assessors have a wealth of PCI experience and industry knowledge.

PCI DSS is a complex standard. Our consultants can help you navigate your way to compliance using a prioritised approach that is easier to digest.

We offer separate remediation or implementation support as well as other services that complement this offering.