1. At the time of receiving this request, are all of your merchant accounts (the facilities for accepting payments from the public by credit / debit cards) fully compliant with the PCI DSS requirements?
2. If your systems ARE compliant, please could you advise the cost of attaining compliance in the following cost areas:
a. External costs (e.g. consultants, QSA's, project management etc)
b. Internal costs c. Capital costs
3. If your systems are NOT YET compliant, please could you indicate ANTICIPATED costs (N.B. If you have not yet quantified these potential costs, then please simply mark as N/A)
a. Anticipated external costs
b. Anticipated internal costs
c. Anticipated capital costs
Question 1 - Yes
Question 2 - No extra cost as we buy this through Capita and it is included in the contract cost.