The Sec-1 PCI QSA services are designed to help organisations of all sizes and at all stages of their PCI DSS (Payment Card Industry Data Security Standard) journey with this often complex and difficult data security standard.
SAQ & RoC consultancy includes investigation, scope reduction, gap analysis, assessment and validation.
- Identify and define the PCI Cardholder Data Environment (CDE)
- Provide PCI CDE de-scoping strategies to limit assessment activities
- Accurately identify applicable Self-Assessment Questionnaires (SAQs)
- Provide PCI DSS Gap Analysis identifying requirements not adequately met
- Provide professional expertise on projects with PCI DSS implications
- Dedicated onsite QSA resource providing PCI DSS assistance
- PCI Credits offering ad-hoc PCI DSS support queries
- Provide assisted SAQ submissions countersigned by the QSA
- Provide Report on Compliance (ROC) assessments
- Preparation of correct documentation sets for PCI DSS
- Reduces PCI DSS scope thereby reducing costs and complexity
- Reduces compliance burden of maintaining PCI DSS
- Minimise the risks associated with taking card payments
- Minimise the chances of a card data compromises
- Ensure that your organisation meets its PCI DSS obligations correctly
- Minimise PCI DSS scoping implications when making environmental changes
- Understand & document in detail data flows and payment channels
- Supplement your team with experienced Qualified Security Assessors
£1250 per person per day
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
|How the planning service works||Sec-1 security consultants assist organisations with solution designs and security architecture to help simplify the complexities regarding PCI DSS scoping and segmentation to ensure any de-scoping strategies that are implemented achieve the required outcome. Often, de-scoping strategies fall short of adequately isolating system components which has a significant cost and compliance impact upon an organisation, especially if the re-design work has already been implemented.|
|Planning service works with specific services||No|
|Training service provided||Yes|
|How the training service works||
Sec-1 can provide PCI DSS knowledge transfers to businesses to help employees better navigate this data security standard.
Stakeholders learn during engagements from structured, organised approach.
Specific PCI DSS training material is currently in development.
Advice around security testing to meet PCI DSS requirements is available through regular seminar sessions delivered UK-wide.
|Training is tied to specific services||No|
Setup and migration
|Setup or migration service available||No|
Quality assurance and performance testing
|Quality assurance and performance testing service||Yes|
|How the quality assurance and performance testing works||With the Sec-1 PCI DSS QSA services, clients can receive a quality assurance against any proposed solutions impacting upon the business' cardholder data environment. Additionally, Sec-1 QSAs can help to validate any proposed solutions that are intended to de-scope elements of the cardholder data environment, verifying that the solution will achieve what it is intended to.|
|Security services type||
|Other security services||
|Certified security testers||Yes|
|Security testing certifications||
|Other security testing certifications||
|Ongoing support service||No|
Currently, the Sec-1 QSA services can only be conducted within EMEA, however please do let us know if you have a requirement outside of EMEA as we may look to add that specific region.
The nature of PCI DSS consultancy requires the service to be delivered during standard work hours (9am-5pm, Monday to Friday).
Where activities need to be undertaken outside of these hours, the requirement should be discussed so that appropriate arrangements and additional charges can be made.
|Email or online ticketing support||Email or online ticketing|
|Support response times||Sec-1 provides a service called PCI Credits which is primarily provided via email on a bulk-buy, call-off basis. Responses are usually within 2-3 working days as this service isn't designed for business critical queries.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
For PCI Credits, Sec-1 will work towards a 2-3 working day turnaround for most email enquiries.
Telephone advice is also often delivered, which is usually ad-hoc arranged via the Sec-1 Sales Account Manager.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Price||£1250 per person per day|
|Discount for educational organisations||No|