Management Team

PSC Management Team

Tom Arnold

Colin Clark


Tom Arnold

Principal, Vice President
CISSP, ISSMP, CFS, CPISM/A, PCI/QSA, PCI PA-QSA

Mr. Arnold is Co-founder and Principal with PSC, in San Jose, California. He specializes in internal and external security assessments related to US and international standards. Mr. Arnold leverages his payments background to evaluate and design security controls and secure systems that accept a variety of traditional and emerging consumer payment technologies. Among his clients are trans-global payment processors; over-the-air and traditional card production/ personalization companies; global telecommunication companies; travel and hospitality companies; large multi-national retailers; oil and gas companies; big-box retailers; pharmacies; consumer financial institutions; and, global payment card brands.

Prior to PSC, he served as VP of Product Development and Chief Software Architect for the Merchant Services Division of InfoSpace, Inc. Products include Internet and IP/card-present payment gateway, loyalty earn and rewards systems, private-label hosting, Internet yellow pages, POS systems, and wireless retail interaction system.

And, prior to that, he was the Chief Technical Officer for CyberSource Corporation. While at CyberSource, he designed and deployed the full suite of Internet Commerce Services for the Company. He has an extensive background in Internet eBusiness systems and electronic commerce, having published several white papers, designed and consulted to some of the most successful electronic businesses, and provided policy guidance to the US Government policy makers.

In May 25, 1999, Mr. Arnold gave expert testimony to the US House of Representatives, Committee on Commerce, Subcommittee on Telecommunications, Trade and Consumer Protection to assist in their deliberations on the proposed SAFE Act, related to the use of encryption technology to secure and protect Internet eBusiness trading. Then, on June 10, 1999, Mr. Arnold testified before the US Senate, Committee on Banking on the security and technology impact of the proposed Export Administration Act of 1999. Since that time, he has been consulted by numerous regulatory agencies including the Department of Commerce, Department of Treasury, Department of Justice, World Trade Organization, European Union Tax Ministers, Organization for Economic Cooperation and Development, and the US Fair Trade Commission on topics of Internet commerce, digital rights management, identity theft, fraud, consumer protection and consumer privacy.

Back to Top


Colin Clark

Director, North America RMG PCI Services
CISSP, PCI QSA, PCI PA-QSA, PCI P2PE-QSA, Visa SA

Colin manages PSC operations in Europe, Middle East and Asia and he has had over 30 years of experience in payments from a merchant perspective before joining the Assessor community. Colin joined the PSC team in 2012 to help service client needs outside the USA.

In addition to card data security, Colin has in-depth experience of Data Protection regulations as well as the challenges (both security and operational) faced in systems integration projects resulting from merger and acquisition activity.

Before becoming a QSA, Colin held many positions in UK retail. In his final position as Head of Corporate Business Control at Somerfield Stores (£10bn turnover UK-based supermarket chain) he was responsible for IT Security, Financial Audit, Fraud Prevention / Investigation and Data Protection Compliance. He was extensively involved in major initiatives including the introduction of Chip and Pin (with the consequent liability shift) and also the extensive changes to processes and technology required as a result of the introduction of PCI-DSS. Additionally, his role covered Business Contingency Planning and meeting the continually increasing regulatory obligations related to Data Protection and Personal Information legislation.

Previous to that, Colin held roles in major UK companies including Gateway Foodmarkets and International Stores where he was responsible for a wide range of functions including Fraud Prevention / Detection, Data Mining, Information Security and Integration.

Colin is certified as a QSA, PA-QSA, P2PE-QSA and a Visa Security Assessor for Visa / PCI PIN and has worked on global assignments for some of PSC’s largest clients. He was promoted to VP in 2017 after over 5 years of working with the company.

Back to Top


Contact us for more information