PCICompliance Gap Analysis only needs to be done once and is usually the very first step you take to understand your current compliance status. It provides a detailed comparison of what your business is currently doing against what it should be doing to be compliant to the PCI DSS regulation. The analysis reviews the current security controls you already have in place to protect cardholder data against the specific controls required by the PCI DSS. In essence it identifies the “gap” that needs to be addressed in order to become compliant.
Conduct an on-site analysis of your current operations and controls against those required for compliance to the PCI DSS.
Interview your business key compliance stakeholders and confirm the evidence produced by your operations and controls against that required by the PCI DSS.
Conduct a vulnerability assessment of your existing exterior-facing IP addresses associated with your Cardholder Data Environment (CDE).
Analyse the findings and produce a detailed report identifying the existing gap between your operations and controls and those required for compliance to PCI DSS.
Produce a prioritised list of activities for your business to undertake to obtain compliance.
In addition we will provide ongoing telephony support from an information security compliance consultant to answer any questions you may have regarding your road map to compliance.