PCI Compliance Audit and ROC

SKU: 4571
Format: Compliance Audit and ROC
Availability: Always Available

A PCI DSS audit conducted by an IT Governance QSA provides a thorough assessment of the controls you have implemented and establishes whether they meet the requirements of the Standard.




Your challenge

A PCI Report on Compliance (ROC) is required of organizations with large transaction volumes. The assessment must be conducted by a Qualified Security Assessor (QSA), who will issue a formal report to the PCI Security Standards Council (PCI SSC) to attest that your organization is in full compliance.

Our QSA consultants are experienced assessors who can readily understand your business and the payment solutions and technologies you use, which ensures the highest quality of assessment.

By completing the audit, you can gain:

  • A complete review of your cardholder data environment and the risks that you need to manage
  • An accurate assessment of where you stand in relation to the requirements
  • Evidence that your controls are in place and working effectively
  • Independent recommendations on procedures and solutions that will help you close identified gaps

Our service offering 

  • Validation of scope accuracy
  • Data flow diagrams
  • Network diagrams
  • The processing and flow of cardholder data through systems and processes
  • Cardholder data storage locations
  • Third-party or service provider dependencies
  • Network infrastructure
  • Required policies and procedures
  • The maintenance and management of the cardholder data environment (CDE)
  • Evidence that policies and procedures have been implemented
  • An overall assessment of the existing ISMS’s applicability to the PCI DSS and of the procedures required for it

Why choose IT Governance?

  • As an approved QSA company, IT Governance adheres to a number of rigorous business and technical requirements as specified by the PCI SSC.
  • We have extensive ISO 27001, PCI, penetration testing and business continuity management/disaster recovery expertise.
  • Our extensive expertise means we can help you cost-effectively integrate your ISMS with other security frameworks.
  • We are able to translate technical concepts into business terms.
