Annual PCI Validation Service

1. Gradeon Annual
PCI Validation Service
PCI DSS - Payment Card Industry Data Security Standard
YOUR COMPLIANCE PARTNER

2. We Help You Get PCI Certified
 Minimise the risk of card data breaches
 Achieve full PCI DSS compliance while
reducing scope and costs.
 Save Time And Cost
 Simplify Your Certification Process
 Improve Security
 Help You Win New Business
 Fully Managed Service
 Reduce Your PCI Scope
 Improved Risk Reporting
 Certified On Time Every time
The New PCI DSS S4 is
coming January 2024
Are You Prepared? – Speak
to Gradeon Today

3. Small Business to Global Player
 We help companies of all sizes align, maintain and validate their card payment
solutions and services.
 If you are developing new payment solutions, we can work with you to ensure
your design is compliant and affordable.
 We work with PCI SSC,* gateway providers, acquirers, brands, auditors keeping
you in touch with latest views and events.
If Your Organisation Is Processing Credit or Debit Card Data Gradeon Can Support You
Merchants &
call centres
taking payments
over telephone.
Retail merchants
taking payments
face-to-face.
eCommerce
merchants taking
payments via website.
Service Providers
delivering PCI
solutions for
merchants.

4. We Get Results
We helped a global loyalty platform provider with a target
card payment solution reducing two years of effort into
two weeks.
We helped a retail company to reduce regulatory
obligations from 340 controls to 30 controls, saving them
£30k on annual validation costs.
We helped a large financial services provider, to onboard a
tier 1 client by meeting the client’s regulatory standards
within a 4-week time frame.

5. Concept
 Gradeon has been in the business of PCI Validation for
years, and we know how time-consuming and complicated
the process can be. That's why we've developed a simple,
streamlined process that will make your annual PCI
Validation a breeze.
 Our Gradeon PCI Validation Service simplifies the entire
process, from pre-audit to certification. It’s the simple way
to keep on top of card risk and compliance obligations.
Managed Workflow Centralised Evidence
QSA (Qualifies Security Assessor) Selection &
Management
Annual Validations on time every time
SAQ (Self Assessment Questionnaire) Selection
and Assistance

6. Features
• Fully Managed - We manage the whole process, liaise
with acquirers, auditors, service providers and so on...
• QSA Selection – We find the optimum auditor for your
type of business. Ensuring they understand your
business and risks.
• Card Data Environment - We document your entire
card data processing environment in a bespoke report.
• On-going Support - We work with you to plan your
ongoing PCI activities and provide additional support as
needed.
Fully
Managed
Backed
By
Auditors
Card
Data
Security
On-going
Support

7. What We Do
 We manage the entire process. Irrespective of your
status we have the connections and the know-how.
 We manage your PCI obligations whilst you run your
business.
 Let us manage your PCI audits and let you run your
business.
* PCI SSC - Payment Card Industry Security Standards Council
Perform
Discovery
(Facts &
Evidence)
Scope &
Approach
(Solution
Design)
Remedial
Planning
(Deliver
Solution)
SAQ / RoC
Completion
(Run Audit)
Attestation of
Compliance
(Certification)

8. What’s Included
 Fully documented card data environment
 SAQ Selection and Assistance
 QSA Auditor Selection and Management
 Managed Evidence Tracker
 Solution Design
 Remediation
 Full Report On Compliance (RoC)
 Attestation of Compliance (AoC )
 Filing Process and Listings
 Policy Creation and Adoption

9. Package Features
Basic
(Level 4, 3 or 2)* SAQ
Assistance
Premium
(Level 4, 3 or 2)* SAQ
Validation
Advanced
(Level 2 or 1)* Full RoC
Bespoke
SAQ Selection/Completion*
Please contact Gradeon
to discuss options.
sales@gradeon.co.uk
0238 184 9633
Evidence Tracker
GAP Analysis
QSA Auditor Selection**
Solution Design
Document Card Data Environment
Remedial Planning Delivery**
Manage Audit Process
Card Flow and Network Diagrams
RoC/AoC Certification
• ** Optional depending on circumstance.
• *SAQ or RoC is dependent on your total annual card transaction volumes
• Level 4 – SAQ (Up to 20k ) Level 3 – SAQ (20k to 1m) eCommerce)
• Level 2 - RoC or SAQ (1m up to 6m) Level 1 – RoC (6m+)

10. Next Steps
Speak to Gradeon Today - Book a
free consultation or discovery call,
strategy session
Email sales@gradeon.co.uk
Telephone 0238 184 9633
Booking link Contact Gradeon

11. Thank you
QUESTIONS?