United States

RSM quickly addresses gift fulfillment business PCI compliance



At the request of their clients, a gift, loyalty and rewards card fulfillment company needed to quickly develop a program to become payment card industry (PCI) compliant to protect the gift card and personal information of their client’s customers within a one-year period. This was required as part of the gift card company’s client compliance efforts with third parties. Since the client made up more than 50% of the revenue for the gift card company, it was critical that these PCI needs be quickly addressed.


A cross-functional RSM team was quickly assembled to assess and address PCI needs, including risk advisory, infrastructure, and security and privacy professionals. The team provided advice, support, development and implementation of the security program across the organization within the time necessary to achieve compliance, all during peak holiday season. Services provided included:

  • Assessment of current state of compliance to the PCI Data Security Standard (DSS)
  • Redesign of corporate network
  • Development and implementation of policies and procedures
  • Implementation of re-architect applications
  • Post-completion, quarterly reviews to determine if compliant state is being maintained


  • A virtual chief information security officer (CISO) was established to guide and implement the repeatable program
  • A permanent CISO was hired and the program was successfully transitioned for ongoing management
  • Security and privacy controls were developed and implemented
  • The gift card company maintained its client and used its compliance as a differentiator for more business
  • RSM’s quick response helped enhance the organization’s security and compliance program
  • The team demonstrated first-choice advisor traits by being collaborative with the client, showing quick critical thinking to assess and address PCI needs, while also demonstrating commitment and care of the client and our long-term relationship with them

you may also be interested in

PCI compliance diligence is a must for franchisors and franchisees

What must franchisors do to ensure franchisees are providing proper PCI security in their stores, restaurants and other businesses?

PCI Compliance Services and Data Security Auditing | RSM

Maintain compliance and mitigate risk with PCI compliance services, including gap, vulnerability, RoC assessments and specialized offerings.

Consumer Products Insights

( * = Required fields)


Consumer Products Insights
News, trends and insights for the consumer products industry.

Events and Webcasts

Case Studies