PCI DSS Gap Analysis

SKU: 4570
Format: Gap Analysis
Published: 01 Jan 0001
Availability: Always Available

Our PCI DSS Gap Analysis service provides a detailed review of your current PCI compliance posture and produces a strategic roadmap that can be implemented to achieve full compliance with the Standard.

Call our PCI DSS team today on 00 800 48 484 484 or send us an enquiry to discuss your PCI DSS gap analysis requirements.


Contract our PCI DSS Gap Analysis service and one of our expert PCI consultants will review your in-scope systems and networks, providing you with a detailed report about the areas that need attention. You will also receive a plan to bridge the gap between your current security posture and full compliance with the Standard, demonstrating the necessary corrective actions and enabling you to reduce the risk of a data breach.

Your challenge

A PCI DSS Gap Analysis can help your organisation pass the annual audit, or build a cardholder data environment and infrastructure that meet the requirements of the Standard. Our PCI DSS Gap Analysis helps you use PCI compliance as the starting point for a security strategy. You'll find out where improvements are needed and what steps to take to close the gaps. By completing a gap analysis, you can:

  • Create a snapshot of PCI DSS compliance.
  • Identify, in priority order, the areas requiring immediate attention and cost-effective remediation.
  • Avoid the financial penalties and negative PR associated with a data breach.
  • Improve cost forecasting and budget justification for a PCI compliance programme.

Our service offering

  • A high-level assessment of your specific PCI DSS compliance requirements.
  • An assessment of the scope of your cardholder data environment (CDE).
  • A mapping of in-scope devices and networks/subnets.
  • A review of the applicability of the Standard to your systems.
  • Identification of current cardholder data processes and storage locations.
  • Identification of third-party or service provider dependencies.
  • A review of the data flow diagrams of the cardholder data.
  • A review of the asset inventory, system inventory, network diagram and business processes.
  • Identification of high risks and long lead-time elements.
  • Assessment of the existing information security management system (ISMS) to determine its applicability and any additional procedures required by the PCI DSS.
  • A detailed set of outcomes that will inform the next stage of your project.
  • A strategic roadmap, containing a description of the changes necessary to comply with the PCI DSS.
  • A management report outlining the findings of the gap analysis.

Remote service offering for organisations located outside of the UK

Please note that IT Governance routinely provides this service remotely for organisations located outside of the United Kingdom. We can also offer on-site presence, but consultant expenses related to travelling, etc. will need to be absorbed as an additional cost.


Why choose us?

  • We have extensive ISO 27001, PCI, penetration testing and business continuity management/disaster recovery expertise.
  • You will be able to make clear recommendations to senior management on the implications of technology decisions on compliance and security.
  • With our CREST and QSA memberships, you can be assured that our services meet the highest industry standards.

Speak to an expert

Please contact us for further information or to speak to an expert.
