Home > Services > Compliance > 7 Step Process


7 Step Process

Privity is committed to helping your organization meet its compliance obligations. This seven-step overview outlines the methodology we use to achieve compliance quickly and cost-effectively. The steps are independent of one another and are contingent on your needs. They can be combined as desired, providing that the Scoping phase is re-done prior to commencing additional steps.

STEP 4: Segmentation

If your company is just initiating its PCI program, it is likely that further network segmentation will be necessary to reduce the assessment scope. Ideally, you should eliminate the Peripheral scope as it is completely unnecessary to the card data processing and creates additional costly compliance obligations. It may also make sense to outsource or tokenize the card data for certain systems.

Every organization should undertake a segmentation project – this is where the most money gets saved over time. Because PCI compliance is not only a technology problem, Privity can help you integrate business-process reengineering efforts with your technology deployments.