Gap Analysis Service

This service will typically involve a number of days on site sitting down with the Managers tasked with the PCI DSS project, along with the key staff involved in the Network Administration, Card Holder Systems as well as the people responsible for company Procedures and Policies.

The deliverables from this engagement will include a detailed report outlining the following information:

• High level review of the card holder data environment
• Identify all current card holder data processes and storage locations
• Identify the areas where the client is fully compliant
• Identify the areas where configuration or changes will bring about compliance
• Identify the areas where no solutions, processes or policies exist
• Provide recommendations on where to go now

In addition, a full detailed report in the following formats will be provided which often provide the basis for a working road map moving forwards:

• Fully Completed Self Assessment Questionnaire (SAQ)
• Fully Completed Prioritised Approach Document

To find out more about how Nettitude can help you with your Compliance requirements, please complete our contact form, and a Consultant will respond to your enquiry.

Nettitude's gap analysis services are always 100% vendor agnostic. They focus on the PCI DSS requirements, and do not make recommendations about individual vendor solutions or technologies. For organisations that require additional guidance, Nettitude can provide unbiased remediation & solutions advice, (as a separate exercise) so as to aid in the compliance journey.

• The SAQ forms can be downloaded from here.
• A guide to the Prioritised approach can be downloaded from here
• The PCI DSS can be found here.