Optiv provides Payment Card Industry Data Security Standard (PCI DSS) compliance consulting and management services for organizations that accept, store, or transmit cardholder data. As a Qualified Security Assessor (QSA), Optiv conducts PCI DSS audits and assessments for different merchant levels. The service covers PCI DSS v4.0 compliance requirements, which includes approximately 500 controls that organizations must validate annually. Optiv assists with gap identification, remediation planning, scope reduction strategies, and compliance roadmap development. Services include readiness assessments, PCI risk assessments, gap assessments, penetration testing for PCI and segmentation, QSA-provided Self-Assessment Questionnaire (SAQ) guidance, completed SAQs, Report on Compliance (ROC) preparation, and Designated Entities Supplemental Validation (DESV). The company also offers Approved Scanning Vendor (ASV) reselling, solution implementation, QSA retainer services, and PCI Compliance as-a-Service. Optiv helps organizations prepare for PCI DSS v4.0 changes including new requirements for multi-factor authentication, 12-character passwords, automated phishing detection, web application firewalls, authenticated vulnerability scanning, data governance, and data loss prevention tools. The service addresses compliance challenges through advisory, deployment, and operational support models. The consulting extends beyond PCI DSS to include other compliance frameworks such as HIPAA, CCPA, GDPR, Sarbanes-Oxley, NIST CSF, and ISO27001/2.