PCI Scope Assessments

PCI Scope Assessments

The Payment Card Industry Data Security Standard (PCI DSS) affects organizations across all sectors and industries. Any organization that accepts credit cards -- including schools and other non-profits -- must be aware of and stay compliant with PCI obligtations, even if credit card transactions account for only a tiny percentage of your institution's revenue. 

But what does it really mean to be compliant? What if your organization outsources most elements of credit card processing to a vendor? 

We work with organizations to help define their cardholder data environment (CDE) and decode the PCI environment. 

PCI-related questions we've answered and prob we've solved for clients: 

Your Board of Trustees has asked why your IT and Finance departments are spending so much time, money, and resources on PCI compliance. What can you do to improve the situation? 

Your new CFO has asked for a complete picture of the PCI environment and all of the major players: the payment processors, gateways, merchant banks, MID list. You don't know where to start to track down or make sense of this information. 

Your new CIO wants an external team to review your organization's network segmentation in light of PCI compliance. 

Contact the FireOak team to discuss your PCI scope questions.