PCI Compliance

The PCI DSS is the benchmark for securing payment card data, but compliance with the PCI DSS can be complicated, especially for large, global organizations.
Securing your CDE

Securing Your CDE

Focal Point has been a Payment Card Industry (PCI) Qualified Security Assessor (QSA) for more than 14 years. We have helped some of the biggest retailers in the world align their policies, procedures, and technologies with the PCI Data Security Standard (DSS). Leveraging our expertise in PCI compliance, penetration testing, and IT risk, Focal Point can help you pinpoint gaps in compliance and address them quickly.

Our Services

We don’t just tick off the boxes. We partner with our clients to ensure their cybersecurity programs have strong policies and processes in place that comply with the PCI DSS.

Annual Onsite Audit

Our team compares your current practices against each requirement of the PCI DSS to evaluate your compliance, ending with an ROC and AOC, if compliant.

01 ROC Services
02 AOC Services
03 DSS Expertise

Gap Analysis

Our team identifies gaps in compliance, provides a detailed report that ranks areas of non-compliance by risk level, and offers detailed steps to remediate each gap.

01 Gap Identification
02 Compliance Roadmap
03 Expert Support


Our team provides subject matter expertise as you address gaps in compliance and build a stronger cybersecurity program.

01 Subject Matter Expertise
02 Policy Development
03 Process Improvement

Continued Compliance

Our team can provide ongoing support to ensure that new policies, procedures, and applications meet compliance requirements.

01 Program Updates
02 Annual Audits
03 Expert Advisory

PCI in the Cloud

Our team can help you asses your cloud environment and align cloud resources with the requirements of the PCI DSS.

Learn More
01 Gap Analysis
02 Compliance Roadmap
03 Remediation Testing

Different from the Rest

Focal Point has helped dozens of retailers, hospitality groups, and others achieve and maintain PCI compliance. Here’s how:

Full Suite of Services

PCI audits are just one arrow in our quiver. From remediation assistance to pen testing, we can help you build a best-in-class security program.

Partnerships Built on Trust

We’re more than just your QSA. We’re your partner. We will work alongside you to help identify issues and address gaps in compliance.

More than a Checked Box

We're not here to check boxes. Cybersecurity is our passion, and we will work hard to ensure your processes, policies, and technologies are secure.
Featured Case Study

A PCI Audit for a Major Retailer

One of the largest privately held regional retail corporations in the United States engaged Focal Point as its PCI QSA to perform its annual PCI compliance audits.

Learn More
In annual audit costs
In the total time to complete the audit