Assessment Types

Addressing unique, large-scale, global, and technically diverse cardholder data processing environments and team cultures, Urbane's highly technical PCI DSS assessment team focuses on in-depth reviews of environments as follows.

Merchant Attestation of Compliance

PCI DSS compliance with an annual Attestation of Compliance is required for all merchants who store, process, or transmit cardholder data. As a long standing PCI DSS Qualified Security Assessor Company (QSAC), Urbane provides modern assessments with deep technical guidance to address any gaps for retailers, e-commerce, mobile applications, transportation and travel, hospitality, collections, phone order, and numerous other industries.

Service Provider Attestation of Compliance

As required by merchants in Requirement 12, Service Providers who assist in the storage, processing, or transmission of cardholder data must have an Attestation of Compliance to address their adherence to the PCI DSS. Urbane has depth and breadth of experience assessing payment platforms, software as a service providers, cloud and infrastructure hosting, contact centers, e-commerce infrastructures, third-party development firms, managed security providers, voice services, and more.

PCI DSS Gap Assessment

As a pre-assessment to an annual reports on compliance, Urbane's Gap Assessments dive deep into the technical workings and implemented procedures of the environments for newly assessed environments or during planned significant changes to an existing environment. Urbane identifies the scope of the environment, technical gaps, documentation needs, and procedural concerns to provide a comprehensive technical review of the environment with tailored remediation guidance to successfully obtain PCI DSS compliance and improve the security of the cardholder data environments.

The Urbane Difference