
If you store, process or transmit credit card data, your business is subject to the Payment Card Industry Data Security Standards (PCI DSS), a set of security rules designed to curb costly breaches and thefts across the industry.

PCI Data Security Standards Services

As a certified PCI QSA, LBMC offers a full suite of payments-related data security services to help you attain and demonstrate PCI compliance today.

PCI Gap Analysis/Readiness Assessment

We review compliance efforts performed to date, interview key staff and perform detailed testing procedures. This process will prepare you for a PCI audit and ensure that your PCI self-assessment questionnaire accurately represents your compliance status.

PCI Remediation and Roadmap

A readiness assessment may find that some PCI controls are ineffective or inconsistent with PCI DSS 3.2. Once the readiness assessment is complete, we can estimate the effort required for remediation. Remediation might include policies, software or hardware controls, or segmenting your network to reduce the cost of PCI compliance.

PCI Penetration Testing

We test to assure compliance with PCI DSS Section 11.3. This includes internal and external testing of the application layer, network layer, and wireless networks, as well as social engineering. The methodology, scoping, and reporting processes align with the PCI DSS 3.1 requirements for penetration testing, including the CDE boundary validation requirements in PCI DSS 11.3.4.

PCI Full Scope Audit and Report on Compliance (RoC)

As far as the PCI Standards are concerned, only Level 1 merchants (typically big-name chain retailers) have to submit their Report on Compliance. But many acquirers require an RoC regardless of your size and the decision is up to them. After leading you through the audit process and completing the documentation needed to comply with PCI DSS, we issue the final Report on Compliance to the appropriate parties. 

ASV Quarterly Scanning

PCI requirement 11.2.1 requires quarterly vulnerability scans by an Approved Scanning Vendor (ASV). LBMC's ASV service includes unlimited scans for one year, a secure portal for completing the relevant self-assessment questionnaire, scheduling/administering your scans, and electronic filing with acquiring banks if desired. The client can use the ASV system on demand at any time.

Get a Quote on PCI Services

Do you need to know the cost of PCI security and compliance services for budgeting? Are you ready to move forward and need a quote? Our automated system will prompt you for the information we need to begin assessing your PCI compliance posture.
