PCI Data Security | Payment Card Industry Security Standards 

The payment card industry places a high priority on maintaining the confidentiality and integrity of account and personal data. In September 2006, Visa USA,Master Card International, American Express and Novus formed the Payment Card Industry Security Standards Council, LLP (PCI SSC) to oversee the Payment Card Industry (PCI) Data Security Standard and related assessment and certification programs.

To achieve compliance,merchants and service providers must adhere to the PCI Data Security Standard,which offers a single approach to safeguarding sensitive data for all card brands. But meeting PCI Data Security Standard requirements can be a difficult and complex process. Many organizations lack the resources and types of skill sets necessary to maintain ongoing compliance with the PCI Data Security Standard.

How we can help

Freed Maxick has an experienced team of information security consultants who help your organization develop and maintain a complete security program. Our approach to PCI Data Security Standard compliance includes three types of services applicable to all service provider, managed hosting service provider and merchant levels:

1. PCI Data Security Standard assessment services – this review assesses your organization’s security against the controls listed in the PCI Self-Assessment Questionnaire or the PCI Report On Compliance (ROC) and provides recommendations for remediating any identified control gaps.
   
   
2. PCI Data Security Standard remediation services – this service provides feedback on remediation actions targeted to close any identified compliance gaps.
   
   
3. PCI ROC – this independent validation of PCI Data Security Standard compliance provides your organization with a PCI ROC and practical recommendations for enhancing your card processing systems’ security controls.

PCI Compliance benefits:

PCI compliance and related reviews have several benefits, including:

• Reducing control risk levels
• Mitigating risks associated with technology
• Providing high security standards for your customers
• Minimizing the threat to your organization’s reputation in the case of a security breach

Why Freed Maxick?

We understand you face unique challenges with PCI compliance. That’s why we offer a customized,flexible approach that’s based on an objective assessment of your needs. With a low management-to-staff ratio, we give you senior-level attention and personalized service. And our technology risk management consultants have experience providing PCI Data Security Standard assessment services to merchants and service providers across a number of industries.

Related Links: Enterprise Risk Management Sarbanes-Oxley (SOX) Consulting SOX 404 Compliance SOX IT Audits Internal Controls -Non-Profits | Private Companies Internal Audit Consulting Disaster Recovery - Business Continuity Planning Technology Risk Management Services Strategic Information Technology Planning Information Systems Selection - Implementation Technology Assessments - System Reviews Information Systems Security - Controls Consulting SAS 70 Reviews SAS 70 Audits PCI Data Security Standard Compliance

 

 

 

 

 

 

 

 

 

---

PCI Data Security Compliance Contact:

Freed Maxick & Battaglia, CPAs is Western and Upstate New York's (NY) largest public accounting firm and a Top 100 firm in the U.S. Freed Maxick provides, audit, tax and consulting services to private and public (SEC) companies in Buffalo, Rochester, Syracuse and Albany New York. Affiliated with RSM McGladrey, the 5th largest accounting firm in the U.S., Freed Maxick has vast national and international resources to help your business expand nationally and internationally.

Contact Larry Hessney Via the Web

Send Request for Proposals to:

Freed Maxick & Battaglia, CPAs    Attn: Eric Majchrzak    424 Main Street    Liberty Building, Suite 800    Buffalo, NY 14202    or send via email here

Larry Hessney, CIA, CISA

Director

Bio