Case Study

Groupize PCI Audit

How a PCI Audit Went From "No Fun" to "Positive and Educational"

Background

Groupize provides innovative, cloud-based solutions that reduce the complexity of sourcing, booking, and managing multi-room reservations, extended stays, groups, and meetings in real-time.

In early 2018, CEO Charles de Gaspe Beaubien realized the importance of obtaining a PCI Attestation of Compliance because many of the prospects Groupize worked with said they would only work with companies that had one.

Enter SecurityMetrics, which provided a qualified QSA to conduct a thorough PCI audit to uncover the gaps in Groupize’s compliance efforts.

“We were impressed with every aspect of the experience. While audits are never fun, the experience was positive and educational for our entire organization. The QSA was clearly an expert in this field and conducted the entire engagement professionally. We’re quite happy to be publicly associated with a leader in the security industry.”
- Charles de Gaspe Beaubien
President and CEO
Groupize

PCI Challenges You Faced

  • We had clients requesting that we obtain a PCI Attestation of Compliance.
  • Many prospects told us they would only work with companies that had an Attestation of Compliance.
  • Having never gone through this process before, we didn’t know where to start.

Resolving Challenges with SecurityMetrics' Help

  • SecurityMetrics provided us with a spreadsheet that outlined what information was expected of us. We were able to use this tool as a measuring stick to figure out what gaps we were likely to have. We knew that if our policy addressed everything on that list, we would be in good shape.
  • Our QSA communicated clearly throughout the process and made sure that all aspects of the audit were consistent with set expectations.
  • Our QSA was an expert on all topics during the audit. He was able to address topics at a high level with leadership as well as have code- and architecture-level discussions with our developers.

Goals Achieved Working With SecurityMetrics

  • We obtained our PCI Attestation of Compliance.
  • We are now able to work with prospects that require an Attestation, as well as appease current clients.
  • We found an industry-leading partner that we know we can trust when we have PCI compliance problems or questions.