PCI Compliance
For anyone who takes credit cards as a form of payment
FRSecure is a full-service information security consulting and management company. If you need anything security related, from assessments to social engineering to security training to policy development, etc., give our team of experts a call and find out how to get our experience working for you.
What is PCI Compliance?
PCI compliance is a specific security regulation around the protection of credit card information. PCI defines specific technical, physical and documentation (policy/procedure) controls that must be present if you accept credit cards as payment or if you provide a service to other organizations where you take payment on their behalf.
Depending on how your systems work, you follow one of the PCI compliance processes. For some, it’s a simple form to fill out; for others, it’s a formal audit.
* Even if you outsource your credit card payments to a third party, you still have PCI requirements
Do I need to worry about PCI?
If you take credit cards, yes. A common misconception is that if you’ve outsourced your credit card collection to a third party (web portal, swipe machine, etc.), you are automatically compliant. This is false. You may not have a ton of requirements, but there are still some things you need to do.
FRSecure figures out exactly what you need to do to claim PCI compliance and attest appropriately.
What PCI services does FRSecure provide?
FRSecure tailors our PCI work to your needs. Some common PCI projects:
- PCI gap assessment
- PCI requirements analysis
- PCI documentation (policy and procedures required for compliance)
- PCI SAQ completion (for orgs that don’t need a ROC audit)
- PCI ROC audit
One of the most popular PCI services we offer is consulting around how to minimize PCI requirements. Often, simple changes can be made that greatly reduce the complexity of compliance with PCI.
How much does PCI compliance consulting cost?
At FRSecure, every project is custom designed for our clients. We take into account your organization’s size, complexity, industry, compliance requirements, and most importantly, your actual needs. Because of our tailored approach, all you need to do is spend a few minutes on the phone with our team to make sure we are delivering exactly what you need and want.