• Skip to primary navigation
  • Skip to main content
  • Skip to footer
ControlCase No Tag LOGO md

ControlCase

IT Certifications, Continuous Compliance and Cybersecurity Services Provider

  • Company
    • About Us
    • Careers
    • Locations
    • Team
  • Industries
    • Business Process Outsourcing
    • Cloud Service Providers
    • Retail
    • Telecom | Entertainment
    • Managed Service Providers
  • Certifications
    • PCI DSS Certification
    • CSA STAR Certification
    • GDPR Assessment
    • HIPAA Assessment
    • HITRUST Certification
    • ISO 27001 Certification
    • FedRAMP 3PAO Services and NIST 800-53
    • CMMC Certification
    • MARS-E Assessment
    • PCI SSF
    • P2PE Certification
    • SOC2 Report
  • Solutions
    • Continuous Compliance Solution
    • One Audit
    • Card Data Discovery Software
    • Data Security Rating
  • Testing
    • Application Reviews
    • Application Security Training
    • Code Reviews
    • Card Data Discovery
    • External Vulnerability Scans
    • Firewall Security Reviews
    • Internal Vulnerability Scans
    • Log Monitoring
    • Penetration Testing
  • Resources
    • Events
    • News
    • Webinars
    • Courses
    • Blog
    • Tools
    • Become a Partner
  • Contact Us
  • English

Company

You are here: Home / Company

ControlCase, LLC is a United States based company headquartered in Fairfax, Virginia with locations in North America, Europe, Asia/Pacific and the Middle East to serve our clients globally.

We are the pioneering and largest provider of Compliance as a Service(CaaS) services and a leading provider of PCI DSS compliance services internationally.

We provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

ControlCase focuses on providing and developing services, software products, hardware appliances and managed solutions. Our solutions help organizations manage Governance, Risk Management and Compliance related to IT operations. We provide solutions that help organizations address regulations and standards such as PCI DSS, ISO27001/2, Sarbanes Oxley (SOX), GLBA, HIPAA, CoBIT, BITS SIG/AUP, J-Sox, TG3, etc.

PCI related Compliance Services are the focus of the company. ControlCase has PCI experience on all sides of the card business, including the acquiring as well as issuing sides. Additionally, ControlCase has exposure to all links in credit card process chain Member Card organizations like VISA/MasterCard, Member Banks, Third-Party Processors (TPP), ISOs, DSEs, & IPSPs (Internet Payment Service Providers) and BPOs/KPOs etc.

We are a certified ASV vendor and a PCI DSS QSA and provide PA DSS and P2PE certifications.

Solutions That Work For Your Business

We enable large, medium and small-sized companies, federal and state government agencies by providing managed compliance solutions that are consistent and repeatable for unrivaled value over the life of a regulation or standard. With the use of our software solutions, we can assist you in achieving compliance in less time and consistently year after year.

Apply deep industry knowledge to solve complex compliance & security challenges

ControlCase professionals have years of practical and hands-on audit, compliance and risk management experience. Most of our employees have worked for Big4 audit companies and/or Fortune 500 firms. We leverage our experience serving various clients to provide comprehensive solutions to meet the objectives set forth in PCI, SOX, FISMA, and GLBA. Our approach has been proven repeatedly at large national and international organizations.

Making compliance manageable for your organization through Compliance as a Service(CaaS)

ControlCase, the global leader in Compliance as a Service(CaaS), has successfully assisted hundreds of clients worldwide in becoming compliant with various security standards and regulations in a cost-effective and optimal manner. From PCI to SOX to GLBA, ControlCase has assisted clients in meeting their compliance and security objectives in a timely and cost-effective manner.

ControlCase has assisted clients with:

  • PCI Compliance and Certification
  • SOX Compliance
  • GLBA Compliance
  • HIPAA Compliance
  • FISMA Compliance
  • ISO 27001/2 Assessments
  • COBIT based compliance
  • Compliance as a Service – CaaS
  • Safe Harbor Compliance
  • Vendor Risk Management and On-site Assessments
  • BITS SIG/AUP Assessments
  • TG3 Assessments
  • Network Security and Vulnerability Assessments
  • Penetration Testing
  • Web and PA-DSS Application Security Assessments
  • Wireless and Communications Security Assessments
  • Process, Policy and Procedure Review and Development
  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Footer

Connect

Corporate Headquarters
3975 FAIR RIDGE DR STE T25S-D
FAIRFAX, VA 22033

Send us a message

Call Us

Search

About Us

ControlCase is a United States based company, headquartered in Fairfax, Virginia with locations in North America, Europe, Latin America, Asia/Pacific, Australia and the Middle East to serve our clients globally.

Quick Links

  • Company
  • Careers
  • Locations
  • Covid-19 Notice

Certifications, Assessments and Reports

  • PCI DSS Certification
  • CSA STAR Certification
  • GDPR Assessment
  • HIPAA Assessment
  • HITRUST Certification
  • ISO 27001 Certification
  • FedRAMP and 3PAO Services
  • MARS-E Assessment
  • PCI SSF
  • P2PE Certification
  • SOC2 Report

© ControlCase LLC 2025 | Privacy Policy | Impartiality Statement | Legal Notices

  • English
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}