Tag Archive: compliance

PCI Certification vs. Compliance: What Is the Difference?

Written by
Published 12/12/2019

Organizations are often left wondering what is the difference between a certification granted by representatives of the Payment Card Industry (PCI) and that of obtaining compliance.  The Payment Card Industry Data Security Standard (PCI DSS) defines a framework for protecting cardholder data. The framework was developed by the Payment Card Industry Security Standards Council (PCI SSC) and enabled organizations to assess how well they are protecting cardholder data, training staff, and conducting PCI DSS audits. The PCI Security Standards Council enables organizations to become PCI DSS compliant. Accepting payment cards like Visa, Mastercard, American Express, Discover, and JCB are critical to a merchant’s ability to transact business. Cash and checks are becoming rarer in bricks and mortar companies and all…

What Is a PCI Audit?

Written by
Published 07/11/2019

What is a PCI Audit? A PCI audit examines the security of your organization’s credit-card processing system from beginning to end.  During this process, a Qualified Security Assessor (QSA) or your own Internal Security Assessor will determine the effectiveness of your organization’s information security controls. To pass the test, your payment network must meet as many as 281 criteria spelled out in the Payment Card Industry Data Security Standard, or PCI DSS, with which all merchants and their service providers must comply. To demonstrate PCI compliance, your organization must do one of two things:     Have an on-site audit by a Qualified Security Assessor (QSA) or Internal Security Assessor, or     Fill out a PCI DSS self-assessment questionnaire,…

Tags: , ,
Categorized in: