PCI Compliance

With one of the longest running Payment Card Industry (PCI) compliance practices in the industry, Drummond is ready to help you protect payment card data and ensure compliance. We offer a comprehensive range of PCI services, as well as advanced cybersecurity services, using proven methodologies to ensure your long-term success.

PCI DSS Assessment

The PCI Data Security Standard (DSS) enhances cardholder data security and facilitates broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data, and applies to all organizations that store, process or transmit cardholder data. The PCI Assessment consists of a PCI SSC Qualified Security Assessor (QSA) conducting onsite validation of an organization’s cardholder data environment for compliance with PCI DSS requirements. Drummond Qualified Security Assessors (QSA) work with your organization to understand your cardholder data environment, determine the scope of the assessment, and select samples. At the end of the assessment, Drummond will provide an open item list that details requirements found to be out of compliance and actions needed in order to remediate. When all requirements are compliant, Drummond will deliver a Report on Compliance (ROC) and Attestation of Compliance (AOC).

PCI DSS Gap Analysis

The PCI DSS Gap Analysis is for organizations that want to identify gaps in PCI compliance prior to undertaking an assessment. During a detailed Gap Analysis, Drummond QSAs will collaborate with and guide your team towards identifying actions needed to remediate and meet compliance in a process including interviews, policy review, and evidence validation. Taking a prioritized approach on closing these gaps, your organization can be better prepared for the PCI assessment and simplify your remediation efforts.

PCI SAQ Validation & Advisory

The PCI Self-Assessment Questionnaire (SAQ) used by small merchants and services providers not required to submit a Report on Compliance. The SAQ is a self-validation tool to assess security for cardholder data. Drummond QSAs can assist you with understanding your scope, validating policies, processes, system configurations, and required evidence.

PCI DSS Continuous Compliance

For organizations looking for assistance in planning, developing, managing, maintaining, and assessing PCI compliance throughout the calendar year. In order to minimize business interruptions and associated ‘fire drills’ often created during annual PCI assessments; Drummond offers Continuous Compliance approach to assist with PCI compliance. Drummond QSAs will provide subject matter expertise in consultation, implementation, and assessment of the cardholder data environment. The program includes monthly, quarterly, semi-annual, and annual validation touch points to ensure that the organization addresses all requirements and maintains PCI compliance throughout the year.

PCI Advisory Services (Block Time)

Drummond also offers PCI advisory services, providing subject matter expertise, guidance, and recommendations for meeting PCI or PA-DSS compliance. Drummond QSAs will work with you to understand the environment and identify what is in scope. From there, QSAs can make recommendations, counsel on policy and procedure requirements, and guide on personnel and process compliance matters.

The People of Drummond
are here to help!

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.