{"id":45359,"date":"2023-09-08T13:33:02","date_gmt":"2023-09-08T11:33:02","guid":{"rendered":"https:\/\/www.usd.de\/?page_id=45359"},"modified":"2025-08-28T15:18:53","modified_gmt":"2025-08-28T13:18:53","slug":"pci-dss-gap-analysis","status":"publish","type":"page","link":"https:\/\/www.usd.de\/en\/pci-payment-security\/pci-dss-gap-analysis\/","title":{"rendered":"PCI DSS Gap Analysis"},"content":{"rendered":"<p>[et_pb_section fb_built=\"1\" _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"0px||0px||true|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_row _builder_version=\"4.21.0\" _module_preset=\"default\" width=\"100%\" custom_padding=\"0px||||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.21.0\" _module_preset=\"default\" background_enable_image=\"off\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" text_text_color=\"#FFFFFF\" text_font_size=\"30px\" text_line_height=\"1.2em\" header_font=\"Roboto||||||||\" header_text_color=\"#F07F1D\" header_font_size=\"50px\" background_enable_color=\"off\" use_background_color_gradient=\"on\" background_color_gradient_stops=\"rgba(10,10,10,0.4) 0%|rgba(10,10,10,0.4) 100%\" background_color_gradient_overlays_image=\"on\" background_image=\"https:\/\/www.usd.de\/wp-content\/uploads\/usd-ag-pci-4.0.jpg\" custom_margin=\"0px||0px||false|false\" custom_padding=\"90px|30px|90px|30px|false|true\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<h1 style=\"text-align: center;line-height: 120%;font-weight: 400\">PCI DSS Gap Analysis<\/h1>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.22.2\" _module_preset=\"default\" custom_margin=\"0px||||false|false\" custom_padding=\"0px||||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column 
type=\"4_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<p>A Gap Analysis is one of your most helpful tools for preparing for your PCI DSS certification. In a Gap Analysis, we check compliance with relevant security requirements in advance of your actual audit. This gives you the opportunity to identify existing deviations from the standard early on and correct them before the official PCI DSS certification - even in the case of any major deviations.<\/p>\n<p>&nbsp;<\/p>\n<div class=\"x-text\">\n<p>The PCI DSS also requires you to maintain your compliance throughout the year. If you make a significant change to your environment between audits, for example, a Gap Analysis can be extremely helpful to maintain compliance with the standard throughout the year.<\/p>\n<\/div>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.22.2\" _module_preset=\"default\" background_color=\"RGBA(255,255,255,0)\" custom_margin=\"23px||50px||false|false\" custom_padding=\"30px|30px|30px|30px|true|true\" border_radii=\"on|5px|5px|5px|5px\" border_width_all=\"2px\" border_color_all=\"#00a2b6\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<h3>Difference between Gap Analysis and PCI DSS certification<\/h3>\n<p>A Gap Analysis is not subject to any official PCI SSC requirements and can therefore be flexibly tailored to your needs. The assessment is usually less in-depth than an actual PCI DSS Assessment and serves as preparation for the certification. 
No official verification documents (AoC &amp; RoC) are issued.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.21.0\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.21.0\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<h2 class=\"h-custom-headline h3\">We recommend you conduct a PCI DSS Gap Analysis<\/h2>\n<p>[\/et_pb_text][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" hover_enabled=\"0\" global_colors_info=\"{}\" theme_builder_area=\"post_content\" sticky_enabled=\"0\"]<\/p>\n<table border=\"0\" style=\"border-collapse: collapse;width: 100%;padding: 0px;border: none;border-width: 0px;height: 23px\">\n<tbody>\n<tr style=\"height: 23px\">\n<td style=\"width: 3%;padding-left: 5px;padding-right: 0px;border: none;border-width: 0px;vertical-align: top;height: 23px\"><span class=\"fas fa-angle-right\"><\/span><\/td>\n<td style=\"width: 97%;padding-left: 10px;padding-right: 0px;padding-top: 0px;border: none;border-width: 0px;height: 23px\">before your initial PCI DSS certification with an already known PCI DSS scope<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table border=\"0\" style=\"border-collapse: collapse;width: 100%;padding: 0px;border: none;border-width: 0px;height: 23px\">\n<tbody>\n<tr style=\"height: 23px\">\n<td style=\"width: 3%;padding-left: 5px;padding-right: 0px;border: none;border-width: 0px;vertical-align: top;height: 23px\"><span class=\"fas fa-angle-right\"><\/span><\/td>\n<td style=\"width: 97%;padding-left: 10px;padding-right: 0px;padding-top: 0px;border: none;border-width: 0px;height: 23px\">after significant changes to your certified PCI DSS 
environment<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=\"4.22.2\" _module_preset=\"default\" custom_padding=\"||0px||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"4_4\" _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<h2>Our approach<\/h2>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=\"1_4,3_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"1_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_image src=\"https:\/\/www.usd.de\/wp-content\/uploads\/\/pci-zertifizierungsprozess-kick-off.svg\" alt=\"PCI Zertifizierungsprozess Kick-off\" title_text=\"pci-zertifizierungsprozess-kick-off\" align=\"center\" _builder_version=\"4.16\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" width=\"60%\" width_tablet=\"20%\" width_phone=\"30%\" width_last_edited=\"on|tablet\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][\/et_pb_image][\/et_pb_column][et_pb_column type=\"3_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<p><strong>Kick-off \/ Preparation<\/strong><\/p>\n<p>Together we will define the scope and level of detail of your Gap Analysis. Since there are no official specifications regarding the scope and assessment depth, in contrast to your actual PCI DSS assessment, we can tailor the Gap Analysis exactly to your needs. 
We will be happy to give you recommendations and advise you on classic \"pitfalls\" you might encounter during your official assessment.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=\"1_4,3_4\" _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"13px|||||\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"1_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_image src=\"https:\/\/www.usd.de\/wp-content\/uploads\/\/pci-zertifizierungsprozess-vorbereitung.svg\" alt=\"PCI Zertifizierungsprozess Vorbereitung\" title_text=\"pci-zertifizierungsprozess-vorbereitung\" align=\"center\" _builder_version=\"4.16\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" width=\"60%\" width_tablet=\"20%\" width_phone=\"30%\" width_last_edited=\"on|phone\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][\/et_pb_image][\/et_pb_column][et_pb_column type=\"3_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.22.2\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<p><strong>Implementation<\/strong><\/p>\n<p>Fit for the assessment. Within the PCI DSS Gap Analysis, we review all IT systems, documentation and processes we have determined together with you in advance with regard to their compliance with PCI DSS. Deviations are documented in a catalog of corrective measures and discussed with you.<\/p>\n<p>The validation of PCI DSS requirements is performed according to individual agreement. 
We mainly rely on interviews, document reviews, examination of relevant IT systems and applications, and, if required, on physical security inspections.<\/p>\n<p>Our auditors perform the PCI DSS Gap Analysis in person on your premises, remotely or in a hybrid model, whichever you prefer. All details and specifics will be discussed with you in advance.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=\"1_4,3_4\" _builder_version=\"4.16\" _module_preset=\"default\" custom_padding=\"13px|||||\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_column type=\"1_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_image src=\"https:\/\/www.usd.de\/wp-content\/uploads\/\/pci-zertifizierungsprozess-siegel-zertifikat.svg\" alt=\"PCI Zertifizierungsprozess Siegel &amp; Zertifikat\" title_text=\"pci-zertifizierungsprozess-siegel-zertifikat\" align=\"center\" _builder_version=\"4.16\" _module_preset=\"default\" background_color=\"RGBA(0,0,0,0)\" width=\"60%\" width_tablet=\"20%\" width_phone=\"30%\" width_last_edited=\"on|phone\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][\/et_pb_image][\/et_pb_column][et_pb_column type=\"3_4\" _builder_version=\"4.16\" _module_preset=\"default\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"][et_pb_text _builder_version=\"4.27.4\" _module_preset=\"default\" custom_margin=\"||0px||false|false\" custom_padding=\"||10%||false|false\" global_colors_info=\"{}\" theme_builder_area=\"post_content\"]<\/p>\n<p><strong>Final Report<\/strong><\/p>\n<p>We will document all deviations from the PCI DSS our auditors might have found in a detailed catalog of corrective measures. 
No official verification documents (AoC &amp; RoC) will be issued.<\/p>\n<p>After completion of the Gap Analysis, we will be happy to advise you on correcting the findings.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PCI DSS Gap AnalysisA Gap Analysis is one of your most helpful tools for preparing for your PCI DSS certification. In a Gap Analysis, we check the compliance with relevant\u00a0 security requirements in advance of your actual audit. This gives you the opportunity to identify existing deviations from the standard early on and correct them [&hellip;]<\/p>\n","protected":false},"author":91,"featured_media":45354,"parent":11673,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"class_list":["post-45359","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/pages\/45359","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/users\/91"}],"replies":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/comments?post=45359"}],"version-history":[{"count":5,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/pages\/45359\/revisions"}],"predecessor-version":[{"id":60701,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/pages\/45359\/revisions\/60701"}],"up":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/pages\/11673"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media\/45354"}],"wp:attachment":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media?parent=
45359"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}