Menu Close

Case Study

PCI Scope Reduction and ROC Reporting for European Payment Card Services Provider

The client

The UK operation of a European service provider providing car parking payment card services for private and local authority car park operators.

The work

We reviewed their planned architecture to reduce the scope of their Card Data Environment (CDE) for PCI DSS compliance, undertook a PCI pre-assessment of the new environment, and completed a Report on Compliance (ROC) for their assessment against the PCI DSS standard.

How we helped

The client wanted to re-architect their CDE to reduce the scale, effort and complexity of maintaining PCI compliance. Our analysis enabled us to make recommendations to further reduce the CDE scope, identify process and control improvements to aid the likelihood of retaining PCI compliance,
and provide education to staff and management on the requirement of the PCI DSS Standard.

Value added

Our knowledge of the PCI DSS standard and approach in explaining the precise requirements of the Standard allowed the client to gain a better understanding of its application, simply the target architecture and reduce the cost and ongoing effort of achieving PCI compliance.

Customer reviews

What our clients say

Get in touch

If you would like to talk about your risk management requirements, submit your details and one of our consultants will be in touch.