Commerce at Western

Upcoming PCI DSS Security Audit

By: The Bank Card Committee

May 2, 2016

PCI Compliance

As you are aware, all Merchants who accept debit or credit card payments must remain compliant with the most current version of the Payment Card Industry Data Security Standards (PCI DSS).  With this in mind, the Bank Card Committee has taken steps to ensure Western's Cardholder Data Environment remains secure.  Through Merchant interviews, unit self-assessment questionnaires (SAQ), educational sessions, and policies and procedures, the Bank Card Committee has established a PCI program to ensure Western's PCI compliance.  To validate this compliance to our payment processors, Western has engaged in a PCI DSS Security Audit.

PCI DSS Security Audit Kickoff

NCI Secured Intelligence (NCI/MNP) has been awarded the contract as Western's Qualified Security Assessor (QSA) and the Security Audit will begin on May 16, 2016.

NCI will be on site for two weeks in May and will be working with the Bank Card Committee in a five phase process that will ensure Western's compliance with the most current version of the PCI DSS.  During this process, NCI will be interviewing selected Western Merchants, completing a scope discovery, a gap analysis and assisting Western with any remediation.  NCI will also assist Western in completing a SAQ for our payment processor (Moneris) and, upon successful completion, present Western with a Report on Compliance (ROC).

NCI Audit Interviews

All Merchants should be prepared to be interviewed by NCI between May 16, 2016 and May 20, 2016.  NCI will be selecting a variety of Merchants to be interviewed and the Bank Card Committee will be communicating to selected Merchants available interview time slots.  If you are selected, these interviews are mandatory. The Bank Card Committee will communicate to those selected during the week of May 2, 2016.

These interviews will be very similar to the interview you have already completed with the Bank Card Committee.

Please review Western's Bank Card Policies, the Bank Card Codes of Procedure and Western's Security Breach Plan.  

Published on  and maintained in Cascade CMS.