PCI QSA on-site Security Audit (Report on Compliance)

The PCI QSA Audit provides a comprehensive assessment which is a required procedure for annual PCI certification and validation of compliance.

Our ROC assessments are led by senior security analysts Qualified Security Assessors (QSA) who maintain CISA and CISSP certifications. Our auditors intimately understand the retail and service provider processing models and the idiosyncrasies that make your business unique.

When the Audit is complete the QSA will produce the final report RoC and attestation AoC. At the direction of the client, the QSA will submit the final documents to the Acquiring Bank or Card Brand.

Self-Assessment Questionnaire (SAQ) Assistance

SC2labs provides general PCI-related consulting to assist with the completion of an SAQ and the submission of an Attestation of Compliance (AoC). We will help you complete the PCI self-assessment and provide you with practical remediation guidance to help you achieve secure PCI compliance.

PCI ASV Scanning Service, PCI ASV 11.2

SC2labs offers managed vulnerability scans performed by certified professionals PCI Approved Scanning Vendor and in accordance to PCI DSS standards. PCI scans performed by SC2labs provide reports and findings to help you meet PCI DSS quarterly scanning requirements.

Consulting services

Trying to achieve PCI DSS compliance can be a challenge for any organization, large, small, local or international. We offer flexible and tailored PCI DSS consultancy services to meet the requirements of your compliance process. We can help you plan, analyze, track and monitor your PCI process and guide you to compliance – helping you develop an efficient, cost-effective plan, reduce cost and time. Our PCI consultants will enable you to understand how the PCI DSS  applies to your organization and your business model.

Training course

SC2labs training course will help you understand the PCI DSS scheme and its objectives. During course our consultants will transfer their knowledge and expertise over to your team. Our practical workshops provide comprehensive and practical coverage of all aspects of implementing the PCI DSS in your environment and answer technical/business questions, offer industry accepted practices or examples according to your requirements.

PCI Annual Network Vulnerability and Penetration Test, PCI 11.3

SC2labs offers professional penetration testing services (both internal and external) on network and application layers. Tests are performed according to recommended PCI DSS v3.0 methodology NIST SP800-115.

PCI Web Application Test, PCI 11.3.2

If you have a website that collects, stores or transmits card data this requires you to perform application-layer penetration testing at least once a year and after any significant application upgrade or modification.


PCI-DSS Services Leaflet