News & Events CharityeCommerce

Elovate PCI Audit 2023

Another Triumph in Compliance. 

As the curtains close on another year, it is great to kick start 2024 with positive news that deserves celebration. Today marks a significant milestone for our organisation as our external Qualified Security Assessor (QSA), SRM, officially signed off our PCI compliance version 3.2.1. After navigating through a rigorous couple of weeks of audit, we can proudly say that our commitment to maintaining the highest standards of cardholder data security has paid off. 

Alastair Fell, Commercial Director: As we reflect on a year of significant investment in our technology platforms, it is vital we ensure that all areas of our business operate to the highest level of compliance. PCI compliance is critical to maintaining secure cardholder payment environments for our clients and their customers and I am delighted that we have evidenced our safe systems and processes for another year”  

Expanded Scope for Comprehensive Compliance 

This achievement comes on the heels of an expanded scope that now covers the physical locations in both York and Slough, our contact centre, post rooms and data capture operations across the group. The scope of audit also certifies the new systems, network and infrastructure involved in processing cardholder data. This broadened scope demonstrates our dedication to not only meeting the compliance requirements for PCI DSS, but going above and beyond to safeguard sensitive information across various facets of our organisation. 

Acknowledging the Efforts of All 

Undertaking such a comprehensive audit is no small feat, and it wouldn’t have been possible without the collective efforts of our dedicated team. Our heartfelt thanks go out to everyone involved in the development and ongoing maintenance of our systems and infrastructure and the audit process. 

Looking Ahead: Version 4 and Beyond 

As we bid farewell to 2023 and welcome the new one, our focus shifts towards the future. The next step on our compliance journey involves gearing up for version 4 of the PCI DSS, which is scheduled for assessment next December.

Embracing Change and Growth 

Our continuous engagement with compliance is not just a checkbox exercise; it’s a dynamic process that requires adaptability, education and a commitment to evolving security standards. Elovate is dedicated to staying ahead of the curve, ensuring that our systems, processes, and people are aligned with the latest industry best practices. 

In Conclusion 

Amidst the completion of many significant projects of the past year, the successful PCI compliance stands as a testament to our continued investment and commitment to information security and the highest levels of compliance.

Back to Stories