IRM PCI DSS Services
As a specialist consultancy in information security and a Qualified Security Assessment Company, IRM can offer its clients the support they need to make decisions about information security provision for payment card data and where to concentrate limited resources.
IRM can provide clients with services in the following areas:
- acting as a specialist advisor on cardholder data protection
- identifying the data flows, systems and storage relevant to cardholder data within the organisation
- identifying non-permitted data and developing ways of eliminating it
- providing a snapshot view of the client’s level of compliance with PCI DSS
- identifying areas where there is a weakness in PCI compliance
- defining the tasks and resource requirements necessary for PCI compliance remediation
- developing a compliance programme agreed with the merchant acquirers
- complementing the client’s compliance programme with specialist technical and business resources
- completing the annual PCI DSS audit for level 1, 2 and 3 merchants
- completing the PCI self-certification process for level 4 vendors
- conducting internal penetration tests
- conducting penetration tests against externally facing servers
- conducting application security tests and threat analysis
PCI DSS compliance is a complex and resource-intensive process which requires a considerable amount of specialist information security expertise. IRM, as an independent information security consultancy, has both the expertise and the experience to support clients through the complex process of PCI DSS compliance.