PCI-DSS Audit Reports
It’s hard to get on the Visa Compliance List. We’ll make sure you get there.
Assurance
Compliance
On-Time Delivery
PCI-DSS Audit
If you are a merchant, service provider, or subservice provider who stores, processes, or transmits cardholder data, you are required to comply with the PCI DSS.
Don’t waste time on an audit that leaves you still feeling uncertain.
What if Visa and Mastercard don’t accept your report?
What if you’re non-compliant because your audit doesn’t catch everything?
What if your audit partner isn’t experienced enough to guide you through the complexities of getting on the compliance list?
We believe if you are going to do a PCI-DSS assessment, it should be worth it.
Quality Testing
Assurance doesn’t come from a checklist. It requires a diligent examination of your unique environment from trusted cybersecurity experts to know your controls are effective. Be sure your audit gives you the results you deserve.
Interactive Platform
Compliance can’t be put on autopilot. With the Online Audit Manager, onsite visits, and direct communication with a dedicated team of security professionals, your KP assessment experience will make sure your assessment is worth it.
Experienced Auditors
Confidence comes from experience. Our auditors have been in the industry, in your exact positions, and are passionate about making sure your audit is successful and maybe even fun. And they have a lot of certifications.
Hit Your Deadlines
On-time delivery is a given. Everyone has different deadlines, but our process will make sure you meet yours. When you partner with KirkpatrickPrice, you’ll never sacrifice quality because of a deadline. We’ll support you as you try to get on the list.
Testimonials
This kind of consulting is the value-add that we continue to find so rewarding and supportive, in everyone that we encounter at KirkpatrickPrice!
– President, Net Friends
“KirkpatrickPrice has made the audit process more efficient with the tools and partnership mentality that they bring to the table.”
– Director of Security, Compliance, and Technology, Connectria Hosting
Expertise is one of the best things we’ve gotten out of working with KirkpatrickPrice. Their auditors have been helpful in navigating through the audit and beyond. They’ve made themselves available as resources to assess the impact of changes to our controls and infrastructure.
– Security and Compliance Manager, CBOSS
Your tools are fantastic. Extremely easy to use. It provides visibility to what is complete and what is not.
– Security Compliance Architect, Cisco
Every time I leave an engagement with the KirkpatrickPrice team, I leave enlightened and it helps our organization mature towards the point we know we should be.
– CISO and VP of Cloud Operations, Health Catalyst
“I appreciate that they both have the heart of a teacher and aren’t in it for the “gotcha” moments.”
– Lead Developer, AdvicePay
Our Certifications
Get started today.
At KirkpatrickPrice, you’ll have a partner guide you from audit readiness to final report so you get the assurance you deserve.
Get Ready for your Audit
Whether you’ve never been through an audit or completed hundreds, our experts will prepare and empower you to successfully start and complete your audit. With access to our free learning platform, you can run scans, see what you’re missing, prepare documentation, and get access to experts and resources. Then when you’re ready, you can use the same platform to complete your audit. You don’t need extra tools to do an audit.
Partner with an Expert
Our security experts have been in your shoes and know how overwhelming audits can be. Your dedicated specialist will walk you through the entire process from audit readiness to final report.
Get on the List
PCI is complicated, but we make sure it’s worth it. By the end of the process, you will be proud of the work you did and know that it will make a difference in gaining new clients, staying compliant, and protecting your people. Your Attestation of Compliance will prepare you to get on the list.
Starting a PCI audit is overwhelming.
Our Beginner’s Guide to PCI Compliance will prepare you to complete your audit successfully.
You know you need a PCI audit, but don’t know what to expect or how to get started. This guide will prepare you for what your auditors are looking for and how to confidently begin your PCI compliance journey.
Resources
PCI FAQs
-
How much does a PCI audit cost?
Pricing for a PCI audit depends on scoping factors, including what type of organization you are, number of annual transactions, payment applications, physical locations, third parties, and audit frequency. Pricing will also vary based on the compliance level needed, inclusion of a gap analysis, or inclusion of additional remediation time.
-
How long does a PCI audit take to complete?
The average PCI audit can take anywhere from weeks to months, depending on your level of preparedness and staff’s availability for interviews and control demonstration. To satisfy the PCI-DSS requirements for an engagement, the auditor must validate scope, perform testing procedures, and document conclusions. These steps require time from the service organization’s management, which can be compressed or extended to meet your timeline needs. You can save time by leveraging the Online Audit Manager to maintain the audit evidence you need for compliance.
-
What do I receive when my PCI audit is complete?
PCI audits culminate in a final report to communicate confidence and assurance that mission-critical networks and physical environments are protected against the most damaging forms of threats. The components and formatting of PCI reports delivered by KirkpatrickPrice are based on guidelines provided by the PCI SSC and written by our in-house Professional Writing team.
-
How long is a PCI report valid?
PCI reports represent your controls from a period of time in the past. Typically, your clients will not accept a report issued more than 12 months ago because they want your testing to be relevant for their own audit period.
-
How often does a PCI audit need to be performed?
Industry standard is to schedule a PCI audit to be performed annually or when significant changes are made that will impact the control environment. Any frequency less than that will demonstrate a lack of commitment to compliance, plus it may cause distrust. Maintaining an audit process that covers each fiscal year will demonstrate a commitment to compliance and ongoing testing of controls, which ultimately contributes to the health of your organization.
-
Who is involved in a PCI audit?
In every PCI engagement, the Auditor is required by the PCI SSC to maintain communication with management and those charged with governance. Other team members involved in the audit could come from anywhere in your organization, ranging from IT to development to compliance officers – anyone with the appropriate responsibilities for and knowledge of the matters concerned in the audit.
Make Sure You’re Ready
Make sure you’re ready to face today’s threats confidently. Sign up to receive expert tips and guidance from our monthly newsletter, The Readiness Report, right in your inbox!
Wherever you are in your security journey, we’ll meet you there.
We’ve completed audits and security assessments for over 2,000 clients worldwide.
With locations in Atlanta, Bethesda, Chicago, Dallas, Los Angeles, Nashville, New York City, San Francisco, Seattle, and Tampa; KirkpatrickPrice experts are ready to help you achieve your goals.
800-770-2701
Corporate Office
4235 Hillsboro Pike
Suite 300
Nashville, TN 37215
