PCI Audit

PCI Audit & Report on Compliance

What is a PCI Audit?

PCI DSS, the Payment Card Industry Data Security Standard, consists of nearly 400 individual controls and is a critical part of staying in business for any merchant, service provider, or subservice provider who is involved in handling cardholder data. In fact, if you are a merchant, service provider, or subservice provider who stores, processes, or transmits cardholder data, you are required to comply with the PCI DSS.

SPEAK WITH A PCI EXPERT

START YOUR AUDIT ONLINE

PROTECT & GROW YOUR BUSINESS

How Can PCI Compliance Benefit Your Organization?

If you are a merchant, service provider, or subservice provider who stores, processes, or transmits cardholder data, then PCI compliance is critical to the operability of your organization. A non-compliant organization could be subject to substantial fines and penalties, termination of ability to accept cards as payment, loss of business, lost confidence of customers, and legal costs. On the other hand, PCI compliance demonstrates your commitment to security and assures your clients that their cardholder data is protected.

The current version of the standard, PCI DSS v3.2, has nearly 400 controls categorized under six control objectives and 12 major subject areas. Compliance with the standard means compliance with the following requirements:

Install and maintain a firewall configuration to protect cardholder data

Do not use vendor-supplied passwords and other security parameters

Protect stored cardholder data

Encrypt transmission of cardholder data across open, public networks

Protect all systems against malware and regularly update anti-virus software or programs

Develop and maintain secure systems and applications

Restrict access to cardholder data by business need to know

Identify and authenticate access to system components

Restrict physical access to cardholder data

Track and monitor all access to network resources and cardholder data

Regularly test security systems and processes

Maintain a policy that addresses information security for all personnel

What do you have to do to become PCI compliant? KirkpatrickPrice is here to help you navigate the journey to PCI compliance.

Why Work with KirkpatrickPrice?

As a licensed CPA and QSA (Quality Security Assessor) firm, we deliver hundreds of PCI Audit Reports on Compliance (RoC) per year and KirkpatrickPrice Information Security Specialists are senior-level experts.

Whether you need a Report on Compliance (RoC) or help with your Self-Assessment Questionnaire (SAQ), KirkpatrickPrice can help. KirkpatrickPrice also provides risk assessments, policy and procedure development, penetration testing, and vulnerability scanning services to help meet the needs of your organization in achieving PCI compliance. Our audit delivery tool, the Online Audit Manager, streamlines the audit process, helps reduce the complexity of compliance efforts, and gives our clients the ability to combine multiple audit frameworks into one audit. We’ve spent over a decade honing this process so that clients can complete one audit process while receiving multiple reports.

Connect with us today to learn about the time it takes to complete a PCI audit, understand the cost of receiving a PCI report, and take part in a free demo of the Online Audit Manager.

SCHEDULE A CALL

Learn More

The PCI DSS is a complex framework with nearly 400 controls. Unsure of where to start, but want to learn more? We’re here to help! Check out our free resources all about PCI DSS compliance.