Our thinking

NEWS! Payment Card Industry Qualified Security Assessors


Terra Firma is excited to announce that after years of providing clients with assessment and remediation services to assist with their PCI DSS compliance, we are now Payment Card Industry Qualified Security Assessors (PCI QSA). Qualified Security Assessor companies are independent security organisations that have been certified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have themselves been certified to assess all QSA Requirements.

Shaun Rafferty, Head of Capability, said, “It’s great to be able to provide a full suite of PCI compliance services. With our Senior Security Advisors now qualified to deliver QSA services, we can assess, remediate, and then certify organisations – essentially we are now a ‘one-stop shop’ for your PCI compliance management needs.”

With PCI DSS compliance a requirement for any organisation that accept, process, store or transmit payment card information, these services are vital for many organisations to stay in business. Penalties for non-compliance include fines and removal of the payment gateway service. Worse, should an actual breach occur, the reputational impact alone could be disastrous for a business.

“While organisations that make millions of transactions in a year are aware of their PCI DSS requirements, we find that often organisations with transaction numbers below this are either unaware of the requirements placed on them or simply have not got around to doing anything about it. For the former group, we assist them with their ongoing compliance. For the latter, we help them map out a program to move to compliance in the most effective manner.”

As Terra Firma’s Cyber Security business continues to grow, we are confident that PCI DSS services will provide a key part of our ongoing service offerings.

See our list of PCI Compliance services here.