PCI Compliance

The PCI DSS is the benchmark for securing payment card data, but compliance with the PCI DSS can be complicated, especially for large, global organizations.

Securing Your CDE

Focal Point has been a Payment Card Industry (PCI) Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV) for more than 14 years. We have helped some of the biggest retailers in the world align their policies, procedures, and technologies with the PCI Data Security Standard (DSS). Leveraging our expertise in PCI compliance, penetration testing, and IT risk, Focal Point can help you pinpoint gaps in compliance and address them quickly.

Our Services

We don’t just tick off the boxes. We partner with our clients to ensure their cybersecurity programs have strong policies and processes in place that comply with the PCI DSS.

Annual Onsite Audit

Our team compares your current practices against each requirement of the PCI DSS to evaluate your compliance, ending with an ROC and AOC, if compliant.

01 ROC Services
02 AOC Services
03 DSS Expertise

Gap Analysis

Our team identifies gaps in compliance, provides a detailed report that ranks areas of non-compliance by risk level, and offers detailed steps to remediate each gap.

01 Gap Identification
02 Compliance Roadmap
03 Expert Support

Remediation

Our team provides subject matter expertise as you address gaps in compliance and build a stronger cybersecurity program.

01 Subject Matter Expertise
02 Policy Development
03 Process Improvement

Continued Compliance

Our team can provide ongoing support to ensure that new policies, procedures, and applications meet compliance requirements.

01 Program Updates
02 Annual Audits
03 Expert Advisory

ASV Scanning

As a certified ASV, we can provide quarterly external scans of your CDE and internal network scans to detect any vulnerabilities within your network.

01 Pen Testing
02 ASV Scanning
03 Segmentation Validation

Penetration Testing

Our team can test and improve the security of your organization by pinpointing and prioritizing crucial weaknesses and vulnerabilities within your network.

01 Application Testing
02 Network Security
03 Social Engineering

Different from the Rest

Focal Point has helped dozens of retailers, hospitality groups, and others achieve and maintain PCI compliance. Here’s how:

Full Suite of Services

PCI audits are just one arrow in our quiver. From remediation assistance to pen testing, we can help you build a best-in-class security program.

Partnerships Built on Trust

We’re more than just your QSA. We’re your partner. We will work alongside you to help identify issues and address gaps in compliance.

More than a Checked Box

We're not here to check boxes. Cybersecurity is our passion, and we will work hard to ensure your processes, policies, and technologies are secure.

Featured Case Study

A PCI Audit for a Major Retailer

One of the largest privately held regional retail corporations in the United States engaged Focal Point as its PCI QSA to perform its annual PCI compliance audits.

80% reduction in annual audit costs
66% reduction in the total time to complete the audit