
The Payment Card Industry (PCI) Data Security Standards (DSS) are designed to ensure that any organisation storing, processing and/or transmitting credit card data does so correctly and safely, protecting this sensitive data from fraudsters or other security threats. The standards are based in part on some of the same principles that underpin ISO27001, but were formed through the merging of security procedures developed by Visa and MasterCard.
Context is a PCI DSS Approved Scanning Vendor (ASV), so is fully equipped to carry out the regular security assessments required for compliance. It can also offer further consultancy services to help clients prepare for an annual on-site QSA (Qualified Security Assessor) audit or self-assessment audit. As with our ISO27001 services, Context can work with clients to identify the parts of the organisation that are relevant to this standard, assist with or direct a gap analysis to identify areas of non-compliance, and help address and resolve those issues. We can then assist the client in completing the self-assessment or, for larger clients, complete a mock audit ahead of engaging a QSA.