GRC's IT Governance Expands Capabilities Into US

4 July 2022

GRC International Group PLC

("GRC" or the "Group")

GRC's IT Governance expands capabilities into US

GRC International Group PLC (AIM: GRC), the international governance, risk management and compliance company whose main business is cyber defence-in-depth, announces that its IT Governance business is now providing Payment Card Industry (PCI) Qualified Security Assessor (QSA) services in the USA.  The business has been authorised to operate in the US and now appears on the PCI Security Standards Council (PCI SSC) website.

PCI SSC is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide.

All businesses that accept payment cards are vulnerable to hackers trying to steal financial information and commit identity fraud. The Payment Card Industry Data Security Standard (PCI DSS) introduced by the PCI SSC, exists to ensure that businesses process credit and debit card payments effectively to protect cardholder data.

All organisations that accept, store, transmit, or process cardholder data must comply with the PCI DSS.

IT Governance's new PCI QSA licence means that the business can now extend its Qualified Security Adviser services to the US.  It can undertake security audits on organisations that process payment cards and certify that they are compliant with the PCI DSS.

This investment is one of a number that are accelerating the growth of the Group's US business, one of GRC's medium-term strategic priorities.

Alan Calder , Chief Executive Officer, commented:

"This important development reflects the quality of our service offering and technical expertise across our operations.

"This QSA license will enable us to provide a wider global service for existing customers and partners who have growing e-commerce and payment services business in the US. These types of PCI Consultancy contracts tend to be large and multi-year.

"It is also a demonstration of our international development strategy as we see considerable opportunities across the substantial US market. The US market has seen a significant increase in cybercrime which is resulting in an acceleration in governance, particularly as US PCI compliance has lagged behind the UK and the EU."

ENDS

Enquiries:

GRC International Group PLC  +44 (0)330 999 0222

Alan Calder, Chief Executive Officer

Christopher Hartshorne, Finance Director

Grant Thornton UK LLP (Nominated Adviser)  +44 (0)20 7383 5100

Philip Secrett/ Jamie Barklem/ Daphne Zhang/Samuel Littler

Dowgate Capital Limited (Broker)  +44 (0)20 3903 7715

James Serjeant/David Poutney/Russell Cook/Nicholas Chambers

Meare Consulting  +44 (0)7990 858548

Adrian Duffield

About GRC International Group PLC

GRC is an international governance, risk management and compliance company whose main business is cyber defence-in-depth.

A technology business, its proprietary premier brands including the market leader, IT Governance, offer 'Our expertise, your peace of mind' for GRC's wide range of domestic and international corporate customers across all industrial sectors.

GRC's three operating divisions - Software as a Service (SaaS), e-Commerce and Services - offer a wide range of products and services encompassing: IT governance, risk management, compliance with data protection and cyber security regulations, online and in-person training and staff awareness, consultancy, online publishing and distribution as well as software. The Group's capabilities also include products and services to enable corporates to address wider governance issues such as money laundering and bribery.

In addition to its UK business, GRC has operations in the EU and US.