SI Secure
SI Services


PCI Readiness Consulting

Our PCI Readiness program provides a “One Stop” solution for discovering deficiencies in your information systems and policies with respect to PCI compliance. We will conduct a gap analysis of your systems versus the PCI DSS (Data Security Standard) version 1.1 prior to your audit.

The first step is to understand what your PCI Compliance requirements are. Our PCI Consulting Team will conduct the necessary system and policy analysis to generate a Deficiency Report & Mitigation Checklist so you can prepare your systems for actual PCI certification testing.

Site Assessment

Site Assessment involves discovery of all the items that are considered relevant by PCI/DSS v1.1 and documenting them in preparation for scoping and audit execution. Site Assessment may be executed partially off-site through telephone interviews and policy reviews, and partially on-site via physical inspections and verification of data collected during off-site reviews. The two areas of concern are the systems, including hardware and software, and the cardholder data managed by the organization.

Readiness Analysis

After the Site Assessment, our Qualified Security Assessors continue with their “mock audit,” executing the complete PCI Certification Audit process including the development of the PCI Deficiency report describing what needs to be done for the organization to pass their audit. This trial audit will help us guide you to take the necessary steps to prepare your organization to pass an official PCI Certification audit. The application layer requirements of PCI/DSS v1.1 can be particularly confusing for organizations; as specialists in application security, Security Innovation can help you understand precisely where you may fall short of compliance and guide you to specific remedies for each problem.

Remediation & Validation

Once we have an understanding of your current readiness level, we can provide remediation assistance and services necessary to solve the issues blocking compliance in each area. Whether we have conducted a mock audit for you, or you’ve executed the self-assessment, we can help you build a roadmap toward compliance with PCI remediation and validation steps that are easily understood, able to be implemented, and specific to your organization.

Certain groups within your organization may require technical training or security awareness. Others may have interest in security assessments for particular mission-critical applications. These education and assessment services are available to you as additional value-added solutions from Security Innovation.

Certification Reporting

Should your organization pass the PCI Readiness Analysis or mock audit, you may choose to have us complete the PCI certification process by developing the necessary reports and filing them with the PCI Security Council on your behalf. The result of this step would be complete PCI 1.1 Certification and our official registration of the reports as your Qualified Security Assessor.

Reporting is done in conjunction with your IT, compliance, and security staff and generates a complete PCI Report on Compliance (ROC) document suitable for presentation to the PCI certification committee. In addition, a complete set of credit card vendor-specific documents will be generated including letters for Visa, MasterCard, American Express and Discover. You will receive copies of these documents and Security Innovation will keep them on file for re-use in subsequent engagements.

:: For information on building a sustainable PCI Program, please contact us at 978.694.1008 x24 or email
