Currently all Level 1 Merchants and Service providers are required to comply with the Payment Card Industry Data Security Standard (PCI DSS) and validate the requirement through annual on-site audits.
Shearwater as Qualified Security Assessor (QSA) company can perform the on-site validation audit in accordance with the requirements of the PCI Security Standards Council (PCI SSC). The validation audit confirms whether all the requirements, as outlined in the standard, are in place and whether the organisation is compliant. A Report of Compliance (ROC) is produced and an Attestation of Compliance is provided as required.
Shearwater has developed an efficient and effective approach to it’s on-site audits, validating the requirements. If you are not sure whether you will pass Shearwater can also conduct pre-assessments. This process highlights any compliance issues and if using Shearwater to perform the on-site validation it will reduce the time required to perform the on-site audit.
If you have been informed of a deadline for compliance, make sure you allow plenty of time for the validation process as well as any remediation time required to address issues.