Case Study: Woods Group Limited achieves PCI DSS and Gambling Commission RTS compliance with URM

Woods Group Limited - Customer Case Study

The Woods Group Limited, a charity fundraising specialist serving more than 50 charities, needed to strengthen its governance and information security while meeting two demanding compliance requirements: PCI DSS and the Gambling Commission’s Remote Gambling and Software Technical Standards. Although its card volumes only required a self-assessment, Woods wanted a more robust Level 1 PCI DSS assessment, and it also had to achieve GC RTS compliance on a tight regulatory timeline. URM was selected to help them manage both standards together.

URM provided PCI DSS and GC RTS consultancy, including payment card data-flow analysis, gap assessment, scope setting, remediation workshops, project management, policy and process development, and a pre-assessment PCI DSS dry run. By combining both compliance streams into one coordinated program, URM helped Woods achieve externally assessed compliance from December 2014 to May 2015, strengthening governance, improving network and security controls, and creating a framework that supported future growth. The work also helped Woods reassure clients, develop staff skills, and win new business.

Woods Group Limited

Ian Scarr

Managing Director