PCI Security Audit/ Annual PCI Risk Assessment
Many organizations believe that using a third-party card processing company automatically makes them PCI compliant. Unfortunately, this isn’t always the case. Maxwell IT provides technical and industry expertise to keep your customers—and your business—secure and protected. In our PCI compliance assessment, we’ll analyze your environment and deliver the most effective, affordable and secure solutions possible.
Here’s What’s Included in Our Annual
PCI Compliance Risk Assessment:
Administrative Safeguards
- Security Management Process
- Risk Analysis
- Risk Management
- Sanction Policy
- Information System Activity Review
- Assigned Security Responsibility
- Workforce Security
- Information Access Management
- Security Awareness Training
- Security Incident Procedures
- Response and Reporting
- Contingency Plan
- Data Backup
- Disaster Recovery Plan
- Emergency Mode Operation Plan
- Evaluation
- Business Associate Contracts & Other Arrangements
- Written Contract
Physical Safeguards
- Facility Access Controls
- Workstation Use
- Workstation Security
- Devices and Media Controls
- Disposal
- Media Re-Use
Technical Safeguards
- Access Control
- Unique User Identification
- Emergency Access Procedure
- Audit Controls
- Integrity
- Person or Entity Authentication
- Transmission Security