•  Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  •  London: +44 (0)203 5983740 
  •  New York: +1 646-781-7580 
  • Dubai: +971 (0)4 427 0429

PCI DSS Scope

You are here

A PCI scope review will identify areas in which cardholder data is stored, processed or transmitted. Dionach will provide options for reducing the scope, with the purpose of reducing the burden of the annual self-assessment questionnaire or report on PCI compliance.

Dionach consultants will identify all the locations and flows of where cardholder data is stored. This may require interviews with staff involved in the processing of transactions, and will require analysis of systems used for processing, transmitting and storing credit card data. Areas in which cardholder data is typically processed include:

  • E-commerce website with a link to a payment gateway
  • Mail orders
  • Telephone orders
  • Payment virtual terminals
  • Credit card terminals (PDQs)
  • Payment applications
  • Voice-over-IP systems


The Dionach consultant may make recommendations of changes to business processes, this will be included in a full report which will help you achieve PCI DSS compliance, by identifying where you are not currently compliant and providing a list of actions you need to take.