As you know, credit card breaches can be devastating, but securing credit card data is expensive and tedious. The Payment Card Industry Data Security Standard (PCI DSS) is long, technical, and periodically updated with new requirements and additional guidance. Many entities struggle to correctly identify the scope of their PCI environment, leading to compliance gaps. Other entities may not have a robust and well-documented PCI program, leading to confusion about who is responsible for which aspects of compliance. With the recent release of PCI DSS version 4.0, many have concerns about how to become compliant with this updated standard.
How Can KPMG Help?
To address these challenges, we are excited to announce the launch of our new KPMG PCI Compliance Services. With our seasoned Qualified Security Assessors (QSAs) and years of experience in scope reduction, gap analysis and remediation, program building, acquirer communication, and more, KPMG can help reduce the cost of compliance while simultaneously reducing the risk of breach.
As a Qualified Security Assessor Company (QSAC) with seasoned Qualified Security Assessors (QSAs), KPMG has the skills and insights needed to improve your program. Our staff has years of experience in scope reduction, gap analysis and remediation, program building, acquirer communication, and more, to help our clients address concerns both before and after their PCI DSS assessment.
Scope Reduction
The best way to “win” at PCI DSS is not to play. KPMG can advise on scope reduction techniques to limit your cardholder data to the smallest possible footprint and reduce PCI program costs.
PCI 4.0 Readiness
Many entities that are currently attesting to PCI DSS version 3.2.1 are concerned about meeting the different requirements in version 4.0. KPMG can provide insight into new requirements and how to meet them.
Program Building
Whether an entity has a PCI compliance program that needs an uplift or no PCI compliance program at all, KPMG can help. Our QSAs can help with PCI policies and standards, PCI governance structure, PCI committee formation, and more.