- Cyber Security Services
- Compliance Services
- IT Risk and Audit Services
- Contact Us
Let’s face it, achieving PCI Compliance can be challenging. However, maintaining compliance with the latest version of the PCI Data Security Standards can be even more difficult. As part of the PCI Compliance process, there are many different things that an organization must do throughout the course of the year to satisfy the PCI Security Standards Council and the payment card brands. If you fail to complete the requirements outlined by the PCI Security Standards Council, there are several possible things that could happen:
None of the possible outcomes above are positive nor will they help your business in the short term or the long term. In fact, going through the process of becoming PCI compliant is almost always far less expensive than taking the risk of not being compliant. But let’s return to the main question of how do you monitor your compliance throughout the year?
Before we get to the good stuff, let’s talk about some statistics around PCI Compliance for merchants and service providers:
That is a lot of information to not only remember to complete, but to also document that you have completed. For this reason, we have created a PCI Compliance Checklist that you can use to see what you must complete, monitor your progress, and have a visual representation of what you still need to complete. Please note that this checklist is not designed to make you PCI Compliant, rather it is a tool for you to use to monitor your progress and recognize what you have completed and what you still need to complete.
When you fill out the form on the next page, you will be taken to a page to download the PCI Compliance checklist in PDF format. There will be one checklist for merchants and one checklist for service providers. Please select the checklist that pertains to you and download it and start using it. To help clear up any confusion, according to the PCI Security Standards Council, here are the definitions of both a Service Provider and Merchant:
Service Provider – Business entity that is not a payment brand, directly involved in the process of processing, storing, or transmission of cardholder data on behalf of another entity. Service providers serve merchants and/or other service providers.
Merchant – Any business entity that accepts payment cards bearing the logos of any of the five members of the PCI SSC (American Express, Discover, JCB, Mastercard, or Visa) as a payment for goods and/or services. A merchant will have one or more Merchant IDs issued by their acquiring bank.
For more information on the differences between the two, feel free to visit the PCI Security Standards Council website at https://www.pcisecuritystandards.org. In the meantime, download the checklist and contact us with any questions that you have. Until next time, be safe!