Looking at the compliance audit process as a ‘how’ versus ‘why’.

‘Compliance Auditing’ is a worrisome exercise and a valid concern for several reasons.

1. Dollars involved
2. Discovery of the many gaps that you may not even be aware existed
3. Remediation process which by itself could be a journey
4. Time away from normal work routines as it could require dedicated staff to provide answers to an auditor’s questions
5. Interference with running your business

However, a QSA’s goal is to help keep your business running smoothly and make sure your network environment is protected from a possible breach ever happening. They need the retailers’ help as well for the auditing to be successful. Look at the large picture – Helping you stay in business.

Look at the process as a ‘why’ versus a ‘how’.
Do not lose sight of why a security audit is needed. It is to protect your business, your customers’ data.  Not just to answer a list of requirements and get a ‘Report on Compliance’. A compliance audit is to evaluate your point of sale systems. The intentions are to:

• Inspect and analyze your systems to establish compliance with 286 PCI requirements
• Identify weak points that could cause a breach from inside and outside your stores
• Prevent data from falling into the hands of a hacker
• Keep  the card companies and acquiring banks happy with your data security

Call Omega if you are looking for help to prepare for an audit. 636-557-7777.