A PCI Readiness Assessment can help you self-evaluate more confidently in the future and help you learn more about how and why your security measures work.

Often, the assessment reveals opportunities to manage your security more robustly and cost-effectively in the future. Even if you’ve already completed a self-assessment questionnaire, even if you believe your organization is compliant, it’s wise to have security experts perform a readiness assessment at least once.

This process will help you verify that you’ve correctly interpreted the PCI DSS rules and that your assumptions are well-founded. Very often, merchants unknowingly and inadvertently misinterpret PCI compliance guidelines and mistakenly indicate compliance.

PCI Methodology


  1. Kick-off Call
  2. Portal Access
  3. Documentation Request(s)

On-Site Review

  1. Interviews
  2. On-Site observations
  3. Sampling/Evidence Collection


  1. Report on Compliance Write-Up
  2. Status Reports (1x week)
  3. Additional Evidence

Final Deliverables

  1. Internal Quality Assurance
  2. External Customer Acceptance
  3. Signed Attestation of Compliance

Featured Content

Why Penetration Testing Needs Continual Evolution: Going Purple


Talk with an Expert