From individual components to end to end strategy – we’ve got you covered

Our information security specialists are approved Qualified Security Assessors (QSAs) that have been qualified by the PCI Security Standards Council to independently assess merchants and service providers.

PCI audit and consultancy

We can evaluate your current level of compliance with services that range from assessing how applicable PCI DSS is to your business through to developing a prioritised roadmap to compliance.

PCI DSS certification

Our conclusive certification services will allow you to demonstrate your security credentials to regulators, business partners and your customers.

Self-assessment questionnaire

Your organisation may not need to opt for a full onsite assessment. Grant Thornton can help you fill out or endorse the SAQ on your behalf (or for smaller environments, pass eligibility criteria). This is ideal if your organisation is having difficulty interpreting the SAQ requirement, or if you don’t have the bandwidth to complete this.

Approved scanning vendor (ASV) scans

An ASV scan is essential to achieve compliance. As qualified resellers of an ASV solution, we can help you perform quarterly ASV scans as part of the PCI DSS requirements.

Security awareness and education

People are often the weakest link in any security programme. We can help your users understand the PCI DSS requirements and the important role they play in maintaining them. Our facilitator-led security and PCI DSS awareness training programmes will promote general awareness and compliance with PCI DSS requirements throughout your organisation.

Policy and procedure development

A significant piece of the assessment comprises governance and policies. We recognise the substantial time commitment needed to develop the relevant documentation – time you could be spending on other areas of your business. We can create policies that are aligned with your business model and compliant with the PCI DSS requirements.

Meet our people Hamish Bowen

Partner, IT audit and advisory

View profile