Payment Card Industry (PCI) Compliance Services
Maintain compliance and mitigate risk with PCI DSS compliance auditing and security services.
RSM has been named by the PCI Security Standards Council as a Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV). Our experienced team of information security consultants provides PCI compliance services for all levels of merchants and service providers, helping them maintain compliance with PCI standards and mitigate technology-related risks.
Our PCI compliance services include:
- PCI-compliant external network security scanning — fulfills the DSS vulnerability scanning requirement and requires a QSA and ASV.
- PCI-compliant penetration testing — determines if possible vulnerabilities in Internet-facing applications and systems jeopardize cardholder data security.
- PCI data security standard assessment services — assesses an organization’s security against PCI DSS controls and suggests gap remediation strategies.
- PCI data security standard remediation services — provides feedback on remediation actions targeted to close identified compliance gaps.
- PCI report on compliance (ROC) — provides an independent validation of PCI DSS compliance and a ROC that can be submitted to an acquirer or one of the card associations (VISA, MasterCard, American Express, Discover, JCB).
Learn how new PCI DSS guidelines reflect emerging threats and new technologies, and how changes may affect your business processes.
Learn about the most recent PCI standards, and how to understand which guidelines are applicable for merchants and financial institutions.
PCI compliance is a constant obligation; but many merchants leave data vulnerable by only focusing on compliance before their annual audit.
The PCI released new penetration testing guidance after years of confusion and companies must understand the updated regs to stay compliant.
How can we help you?
Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.
Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.