Our Services

Audits/Assessments (Payments - PCI/EMV)

With an emphasis on security and the ever increasing requirements to adhere to Payment Card Industry (PCI) standards and newly enacted EMV compliance, Impact 21 conducts payments readiness assessments (“mock audits”) of headquarter and store facilities identifying where documentation and training is necessary to meet all requirements.  Additionally, we can provide the necessary documentation and training to address the gaps.

Assessments and documentation include:

  1. Risk assessment report
  2. Project scope document on changes required prior to final audit
  3. Detailed project plan on key activities
  4. Complete forward facing IP scans to identify opportunities
  5. Industry & role specific PCI and EMV training programs – Off-the-shelf or custom
  6. Quarterly and annual updates

Impact 21 partners with SSJ Marketing & Consulting, a leader in Payments Compliance, to provide these services. Both companies have comprehensive experience as retailers and consultants and an understanding of payments standards. In addition, our work with industry solution providers and associations will provide the most up-to-date insights on upcoming regulations, trends and best practices.

A typical engagement will include the following activities:

Discovery

  • Review and compare policies and procedures to PCI/EMV requirements
  • Interview office personnel
  • Interview, store, training and Loss Prevention staff
  • Visit 3-5 retail sites
  • Interview IT staff
  • Scan selected desktop and network units for credit card data
  • Review all aspects of operations to determine PCI compliance

Design

Develop all processes, documentation and training required to close any gaps

  1. Build a detailed project plan for all gaps, including work effort, resources and timelines
  2. Build required processes and documentation on gap areas
  3. Facilitate all required training – Multiple options available including classroom, CD, on-line.
  4. Assist in selection of logging and monitoring company or software (Required in Level 1 Merchants)
  5. Assist in determining the best fit in PCI auditors for the company (Required for Level 1 Merchants)
  6. Determine how site wireless detection will be completed (Required for Level 1 Merchants)
  7. Help determine options for internal and external scans (Required for Level 1 Merchants)
  8. Complete another mock audit to determine if ready for Compliance audit
  9. Provide support for any additional findings/gap identified from the PCI auditor