Project Management

Audit Readiness for PCI (Payment Card Industry) Data Security Standard Compliance

Date Added: Jul 2009
Format: PDF

Retailers that fail Payment Card Industry Data Security Standard (PCI DSS) audits can be fined up to $500,000. Additional penalties can range from increased audit requirements to retraction of credit card processing privileges. Generally, retailers that process over 20,000 credit card transactions per year must fill out an annual self-assessment and conduct quarterly network scans by an approved vendor. Retailers that process over 6 million credit card transactions per year are also subject to annual on-site audits. Effective December 2010, MasterCard requires on-site third party audits of Level 2 merchants that handle between 1 million and 6 million credit card transactions annually.