Financial Lender and PCI Compliance

Management asked Elliott Davis to help answer, "How can we ensure that we have a secure environment and are meeting PCI compliance?"

Context

• Affiliation of leading providers of consumer loans and other financial products
• Needed to confirm adherence to Payment Card Industry (PCI) Security Standards
• Goal: Verify secure environment that stores, processes, and/or transmits cardholder data
• Desired annual assessment against PCI standards, as well as quarterly ASV scanning

Our Approach

•Completed gap analysis on cardholder data environment annually
Report formal findings
Determine steps to remediation
Assist team in remediation efforts

•Performed quarterly external ASV scanning for compliance Requirement 11.2

•Completed internal and external vulnerability scans quarterly

Customer Impact

• Identified areas of risk that could lead to exposure
• Receives on-going testing results and formal findings
• Obtains a roadmap of remediation
• Reached their goal! Verification of secure environment that stores, processes and/or transmits cardholder data

We Can Help

For more information on this and other topics, contact a member of our team.

The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.