
PCI DSS Compliance

The Payment Card Industry Data Security Standard

Demonstrate your ability to process payment card data safely and securely with SRM.

If you are a merchant accepting card transactions, the responsibility for processing payments safely and securely lies with you. If cardholder data is not protected, or a breach or fraud occurs, the penalties for mistakes and mishandling can be significant.

SRM’s expert team has over 10 years’ experience in PCI DSS compliance, and can help you implement the critical steps and achieve compliance in the fastest and most cost-effective way possible.

Want to make PCI DSS compliance plain sailing? Call us today for a free quote on 03450 21 21 51 or email

Who needs this service?

The Payment Card Industry Data Security Standard (PCI DSS) applies to virtually every organisation that accepts, transmits, processes or stores cardholder data, regardless of its size or the number of transactions it handles. This is true whether cards are taken electronically using a terminal, through a service provider or via an ecommerce website, or manually using paper methods.

Compliance requirements can, however, vary, and it is the responsibility of every organisation to establish how it should comply with PCI DSS. An organisation’s acquiring bank will usually be able to advise on which validation route applies (for example a Self-Assessment Questionnaire or a QSA-led assessment). Establishing the exact PCI DSS requirements can be a complex business, and professional advice should be obtained.

Why use SRM for PCI Compliance?

SRM’s PCI DSS compliance team includes leading Qualified Security Assessors (QSAs) who use their wealth of experience to help companies understand not only how to comply, but also how to reduce costs by keeping the scope of each year’s assessment as small and simple as possible. Our team can guide businesses at any level through PCI DSS compliance, from SMEs right through to full QSA-managed PCI assessments for FTSE 100 companies.

What are the challenges?

PCI DSS compliance involves an annual validation against twelve high-level requirements, to ensure that the security controls safeguarding customers’ cardholder data are in place. The standard is revised over time, and beneath the twelve headline requirements sit many detailed sub-requirements, making the process complex, particularly for larger organisations.

Because PCI DSS validation is annual, it is important to note that it only demonstrates that an organisation was compliant on a certain date; a bit like a car MOT. To ensure ongoing compliance, the process needs to be managed continually throughout the year. If a breach occurs at any time, your compliance status at the time of the breach will be taken into account by the card brands and your acquiring bank when determining the level of any fine imposed.

What are the penalties for non-compliance?

Organisations that should comply but do not, or that cannot demonstrate they are working towards compliance, may be liable for non-compliance fines. These fines are set by the card brands and passed on through the acquiring bank; the PCI Security Standards Council itself does not impose penalties. Ultimately an acquiring bank can terminate its relationship with a merchant, which will prevent the organisation from accepting any payments by card.

Associated services

Cyber Essentials Certification

The SRM team is experienced in all aspects of Cyber Essentials certification. We can do as much or as little as is required.

GDPR Consultants

Our team provides a business-focused service to organisations of all types and size, at all ends of the GDPR-readiness spectrum.

ISO 27001 Consultants

SRM guides you through the entire ISO 27001 certification process, helping you to continually review and refine the way you handle information security, not just for the present, but for the future.

VirtualCISO™ and VirtualISM™

At SRM we have developed VirtualCISO™ and VirtualISM™, fully bespoke services that provide as much or as little support as each individual company requires.

Related articles

Remote working: maintaining PCI DSS compliance in the age of online shopping

When you first embarked on your Payment Card Industry (PCI) Data Security Standard (DSS) compliance journey, did you ever imagine you would be where you are now? With large..

Getting to grips with the 12 PCI DSS requirements?

PCI compliance is essential for businesses that are required to maintain payment security and protect customer data. But what exactly is involved in the 12 PCI DSS requirements? As..

How can we be compliant in a cost-effective manner with the PCI DSS?

Achieving PCI compliance is vital for all businesses that accept card payments, but what’s the best way to get started when you are trying to keep costs down in..