PCI DSS Health Check Service
As part of this service CGI will undertake a PCI DSS health check by jointly assessing the current environment, producing a gap analysis requirements and ensuring continued compliance as PCI DSS scope and requirements change.
Features
- Analysis of current environment against PCI DSS requirements
- Executive summary of findings
- Gap Analysis to the PCI DSS requirements
- Summary of recommended actions
Benefits
- Roadmap to achieve PCI compliance
- By showing compliance, demonstrate that systems are secure
- Improve reputation with acquirers and payment brands
- Minimise the risk of data breaches now and in future
- Minimise the risk of reputational damage caused By breaches
- Minimise risk of lawsuits, insurance claims, fines etc
Pricing
£725 to £1,498 a unit a day
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
8 1 1 1 0 8 3 7 7 6 0 0 2 2 4
Contact
CGI
CCS Frameworks Team
Telephone: 08450707765
Email: uk.gen.ccsframeworks@cgi.com
Planning
- Planning service
- No
Training
- Training service provided
- No
Setup and migration
- Setup or migration service available
- Yes
- How the setup or migration service works
-
The PCI-DSS requires that card information is appropriately protected and the standard defines a rigorous approach.
We have both helped organisations prepare for an external PCI-DSS audit as well as helping them through the audit.
In the context of a cloud implementation, it is essential that, before any PCI information is ported to the cloud environment, the security is appropriately validated.
We do this by both workshops/interviews based audits as well as formal penetration testing using CHECK and/or CREST qualified ethical hackers. Use of these highly qualified individuals helps assure the security of the cloud implementation. - Setup or migration service is for specific cloud services
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- No
Security testing
- Security services
- Yes
- Security services type
-
- Security strategy
- Security risk management
- Security design
- Cyber security consultancy
- Security testing
- Security incident management
- Security audit services
- Certified security testers
- Yes
- Security testing certifications
-
- CHECK
- CREST
- Tigerscheme
- Cyber Scheme
Ongoing support
- Ongoing support service
- No
Service scope
- Service constraints
- None
User support
- Email or online ticketing support
- No
- Phone support
- No
- Web chat support
- No
- Support levels
- This service does not provide support
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Intertek Certification Limited
- ISO/IEC 27001 accreditation date
- 07/04/2021
- What the ISO/IEC 27001 doesn’t cover
- Nothing. The certification covers "The provision of outsourcing, project and consultancy services including development and delivery activities plus the management of people, technologies and physical security in accordance with the Statement of Applicability version 6, dated 24th August 2020."
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Social Value
- Fighting climate change
-
Fighting climate change
CGI is passionate about protecting the environment. Our UK corporate policy, backed by Science Based Targets (SBTs), is to be Net Zero by 2026 and to be operationally Carbon Neutral by the end of 2022.
We commit to:
- Achieving Net Zero, based on SBT measures, no later than 2026.
- Extending the climate change commitment into our supply chain such that 50% of our suppliers, by spend, will have set their own SBTs to reduce their climate impact by 2026.
- Applying our environmental programme ‘No Planet B’ to each opportunity. As part of ‘No Planet B’ we engage with our members, clients, suppliers and communities, to identify and deliver additional benefits including tree planting and canal restoration projects.
We have appointed a UK programme manager to deliver against our Net Zero targets. Alongside our absolute emission targets for operations (Scope 1 and 2) and business travel (Scope 3), we have set a supplier engagement SBT. We will engage with and support all UK suppliers ensuring they are on a Net Zero journey. We will include clients and suppliers in our No Planet B programme to collaborate and develop new initiatives aligned with their priorities.
A contract specific Sustainability Plan and reporting metrics will be developed for each engagement, aligned to the targets in our overall Carbon Reduction plan. Using established data gathering and reporting processes, we will report annually against our commitments and metrics.
Improvement plans will be driven in part by the reporting metrics and feedback from clients and suppliers. We find that our ‘No Planet B’ initiative is the biggest source of innovation.
We are proud of our Net Zero ambitions. With SBTs, contract specific sustainability plans, our reporting commitments and involvement in our ‘No Planet B’ programme, our approach and progress will be fully visible. - Tackling economic inequality
-
Tackling economic inequality
CGI is committed to ensuring careers in STEM are accessible for all. We will continue to provide a range of new employment and training opportunities which include professional, graduate and apprenticeships. To create new skills in the IT industry, we offer a range of IT-based apprenticeships and partner with various university training partners to deliver our Technology Industry Gold accredited Degree Apprenticeships.
We proudly support social enterprises FastFutures and Bounceback, providing mentoring, CV writing and interview skills to young people and prison leavers, enabling them to become work-ready. CGI’s EmployABILITY programme helps underrepresented students to build skills needed to pursue a successful career in STEM, through mentoring provided by our members.
CGI is supporting the Government’s priority to grow and diversify supply chains by working with a variety of partners. The majority of the 1,600 suppliers we use to support the delivery of services to our clients are UK based organisations, with over 600 Small and Medium Enterprises (SMEs). We are a Member of the Business Disability Forum and are signatories of the Prompt Payment Code.
We select our suppliers based on not just technical merit and capability but also alignment with our vision and goals. Our procurement process develops a deep understanding of each new supplier through a materiality rating checklist. All our preferred suppliers are audited against these checks annually, and actions are taken if a supplier’s rating drops.
Throughout our engagements, any change control will include a check on potential inclusion of SME, Social Enterprises or new businesses. This will include advertising opportunities on Contract Finder. We also welcome input from our clients, as they are often approached directly and have valuable insight in supplier offerings.
For transparency we will report on the number, value and proportion of contract spend being undertaken by SMEs and Social Enterprises.
Pricing
- Price
- £725 to £1,498 a unit a day
- Discount for educational organisations
- No