PCI Compliance Roadmap


Read about PCI Compliance and our plans for compliance

At accessplanit, keeping your data secure is one of our highest priorities. As part of our ongoing commitment to protecting sensitive payment information, we’re working towards full PCI compliance.

This page outlines our roadmap for achieving and maintaining PCI compliance, what it means for you as a customer, and how it supports secure, reliable payment processing across our platform.

Please note that all dates within this page are projected, and we’ll continue to keep this page updated as we make progress, so you always have visibility of our plans and milestones.


What is PCI Compliance?

This section explains what PCI Compliance is, and why it matters to you

When payments are processed online, card information must be protected. That’s where PCI DSS (Payment Card Industry Data Security Standard) comes in.

PCI DSS is a set of global security standards that make sure any business handling credit or debit card details does so safely. The standards set requirements for how card data is stored, processed, and transmitted.

Even though accessplanit does not store card details directly, we connect with trusted payment providers who do. Therefore, we need to make sure that our platform and those integrations meet PCI requirements to provide a secure payment experience for everyone who uses accessplanit.

As our customer, accessplanit’s PCI compliance means:

  • Peace of mind that your customers’ payment information is handled securely

  • Confidence that accessplanit follows industry best practice when it comes to protecting cardholder data

  • Reduced risk of fraudulent activity or data compromise within your payment processes

Overall, PCI compliance helps us to protect your business and your customers from data breaches and fraud.


Our Roadmap to PCI Compliance (v1)

This section covers the accessplanit PCI Compliance plan

| Phase | Timeframe |
| --- | --- |
| Phase 1: Foundations | Currently underway |
| Phase 2: Logging, monitoring, & controls | Early 2026 |
| Phase 3: Web app & network security | Late 2026 |
| Phase 4: Ongoing compliance & testing | Late 2026 - mid 2027 |

 

Phase 1: Foundations

Objective: Establish policies, scope, and endpoint security baseline.

The first stage of our PCI compliance journey is all about putting strong security foundations in place. During this phase, we’re focusing on understanding where cardholder data could be handled, setting clear security standards, and protecting every system within scope.

We’re identifying the areas of our platform and connected systems that are in scope for PCI DSS. From there, we’re implementing formal security policies and ensuring every part of our environment meets consistent security standards.

 

Phase 2: Logging, monitoring, & controls

Objective: Implement detection, logging, and access control measures.

In this phase, we’re putting in place the tools and processes that allow us to detect and respond to security risks quickly.

We’re introducing centralised monitoring to identify and respond to security events quickly. Controls around data access and device management will also be strengthened to prevent unauthorised use or data transfer.

 

Phase 3: Web app & network security

Objective: Protect the application and network layers handling cardholder data.

This phase focuses on strengthening the core of our platform, ensuring payment information remains secure at every stage.

We’re improving how we develop and test our web applications to prevent common vulnerabilities.

We’re also reviewing all third-party payment integrations to confirm they meet the same high security standards.

 

Phase 4: Ongoing compliance & testing

Objective: Validate controls, refine processes, and prepare for assessment.

Our final phase is focused on maintaining compliance, validating our work through regular testing, and ensuring our controls stay effective over time.

We’ll conduct regular internal and external testing, vulnerability scans, and security reviews to ensure our systems remain secure and compliant.

Our ongoing programme includes regular updates, user access reviews, and continuous documentation to maintain compliance and readiness for formal assessment.

 


Roadmap: Version control

This section outlines any changes we have made to our roadmap and why.

| Version | Update(s) | Reason for update | Date |
| --- | --- | --- | --- |
| v1 | Roadmap defined and published | Public roadmap required to communicate PCI compliance plans with the accessplanit customer base | October 2025 |


FAQs 

Does accessplanit store cardholder information?

No, accessplanit does not store or process raw cardholder data directly. All card payments made through our platform are handled securely by trusted, PCI DSS–compliant payment providers including Stripe, Adyen, Opayo, and WorldPay.
Our compliance work focuses on ensuring that our systems, integrations, and supporting infrastructure continue to meet PCI requirements and maintain a secure payment environment.

Will this work change how we take payments?

No changes are expected to your existing payment process and you can continue to use your chosen payment gateway as usual. Our roadmap is about strengthening the security controls behind the scenes.

Is there anything we need to do as customers?

At this stage, no action is required from our customers. However, if your organisation accepts card payments directly (outside of the accessplanit platform, e.g. through a basket you have built in-house), you may still have your own PCI DSS obligations. Your payment provider can guide you on what’s required for your setup.

How will accessplanit communicate updates about PCI compliance?

We’ll keep this roadmap updated as we move through each phase and notify customers of major milestones via our ChangeLog.
We want to provide full transparency, so you’ll always know where we are in our compliance journey.

Still have questions?

If you’d like to know more about our PCI compliance journey, or if you have specific questions about how this affects your organisation, we’re here to help.

You can contact our Support Team for general questions, or reach out to your Customer Success Manager if you’d like to discuss your payment setup in more detail.

 

 



Copyright © 2025 accessplanit.
