Payment Card Industry (PCI) Compliance Services

Maintain compliance and mitigate risk with PCI DSS compliance auditing and security services.

RSM has been named by the PCI Security Standards Council as a Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV). Our experienced team of information security consultants provides PCI compliance services for all levels of merchants and service providers, helping them maintain compliance with PCI standards and mitigate technology-related risks.

Our PCI compliance services include:

  • PCI-compliant external network security scanning — fulfills the DSS vulnerability scanning requirement and requires a QSA and ASV.
  • PCI-compliant penetration testing — determines if possible vulnerabilities in Internet-facing applications and systems jeopardize cardholder data security.
  • PCI data security standard assessment services — assesses an organization’s security against PCI DSS controls and suggests gap remediation strategies.
  • PCI data security standard remediation services — provides feedback on remediation actions targeted to close identified compliance gaps.
  • PCI report on compliance (ROC) — provides an independent validation of PCI DSS compliance and a ROC that can be submitted to an acquirer or one of the card associations (VISA, MasterCard, American Express, Discover, JCB).

Recommended Insights


PCI DSS version 3.2: How will it impact your organization?

Learn how new PCI DSS guidelines reflect emerging threats and new technologies, and how changes may affect your business processes.

  • November 14, 2016


PCI security standards: A high-level overview

Learn about the most recent PCI standards, and how to understand which guidelines are applicable for merchants and financial institutions.

  • Joel Dubin
  • |
  • October 27, 2016


Continual PCI compliance

PCI compliance is a constant obligation; but many merchants leave data vulnerable by only focusing on compliance before their annual audit.

  • Andrew Weidenhamer
  • |
  • July 08, 2015


Clarity for penetration testing: New guidelines strengthen PCI standards

The PCI released new penetration testing guidance after years of confusion and companies must understand the updated regs to stay compliant.

  • June 26, 2015

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.