Why UHY Advisors for PCI?
Designated by the Payment Card Industry Security Standards Council (PCI SSC), UHY Advisors officially became a Qualified Security Assessor Company (QSAC) in the fall of 2009. To achieve that credential, our Technology Assurance & Advisory Services (TAAS) professionals completed a comprehensive application process, background check and training effort to meet the rigorous requirements of PCI SSC. The TAAS Group is now able to offer the following PCI services to meet your PCI compliance requirements and alleviate the demands imposed on merchants and payment card service providers.
- Annual Compliance Validation & Reporting
- Quarterly Vulnerability Assessments
- Penetration Testing
- Program Management for Merchants & Service Providers
- Readiness Assessment
- Remediation Assistance & Evaluation Services
- Scope Reduction Services
- Spot Check Programs
- Strategic Planning
What is PCI?
The PCI DSS (Payment Card Industry – Data Security Standard) is a set of comprehensive requirements for enhancing payment account data security that was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
The PCI DSS applies to any entity that stores, processes, and/or transmits cardholder data. It covers technical and operational system components included in or connected to cardholder data. If your business accepts, transmits, or processes payment cards, it must comply with the PCI DSS.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized. This document, PCI Data Security Standard Requirements and Security Assessment Procedures, uses as its foundation the 12 PCI DSS requirements, and combines them with corresponding testing procedures into a security assessment tool. It is designed for use by UHY Advisors assessors conducting onsite reviews for merchants and service providers who must validate compliance with the PCI DSS.
PCI Contact Team
Please feel free to contact one of these teams members for more information about our PCI services offerings and capabilities.