Payment Card Industry (PCI) Compliance

Maintain compliance and mitigate risk with PCI DSS compliance auditing and security services.

RSM has been named by the PCI Security Standards Council as a Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV). Our experienced team of information security consultants provides PCI compliance services for all levels of merchants and service providers, helping them maintain compliance with PCI standards and mitigate technology-related risks.

Our PCI compliance services include:

  • PCI-compliant external network security scanning — fulfills the DSS vulnerability scanning requirement and requires a QSA and ASV.
  • PCI-compliant penetration testing — determines if possible vulnerabilities in Internet-facing applications and systems jeopardize cardholder data security.
  • PCI data security standard assessment services — assesses an organization’s security against PCI DSS controls and suggests gap remediation strategies.
  • PCI data security standard remediation services — provides feedback on remediation actions targeted to close identified compliance gaps.
  • PCI report on compliance (ROC) — provides an independent validation of PCI DSS compliance and a ROC that can be submitted to an acquirer or one of the card associations (VISA, MasterCard, American Express, Discover, JCB).

Recommended Insights


PCI DSS version 3.1: How will it impact your organization?

Learn how PCI DSS guidelines have been amended to reflect emerging threats and new technologies, and how changes may affect your business processes.

  • July 14, 2015


Continual PCI compliance: Securing cardholder data on a year-round basis

PCI compliance is a constant obligation; unfortunately, many merchants leave data vulnerable by only focusing on compliance before their annual audit.

  • Andrew Weidenhamer | July 08, 2015


Clarity for penetration testing: new guidelines strengthen PCI standards

The PCI released new penetration testing guidance after years of confusion, but companies must understand the updated regulations to stay compliant.

  • June 26, 2015


The true impact of Chip and PIN: Separating fact from fiction

The card brands have set a date for Chip and PIN adoption in the U.S.; learn how new guidelines impact security, PCI obligations and fraud liability.

  • Joel Dubin | May 01, 2015
