CPA firm IS Partners, LLC, one of the nation’s premier internal controls attestation firms, is pleased to announce that it is now certified as a Qualified Security Assessor (QSA) to perform Payment Card Industry Data Security Standard (PCI-DSS) audits. John DeCesare, CEO & Founder, stated, “Because of our vast knowledge and expertise in the internal controls arena, we feel that we have a unique perspective on how to address PCI-DSS, especially when combined with other internal controls attestations, such as SOC 1, SOC 2 and SOC 3 audits. The advantage for our clients who require both a PCI and SOC audit is that we can leverage the efficiencies of performing both audits, thereby lowering costs.”
The Payment Card Industry Data Security Standard (PCI DSS) is a multifaceted security standard that includes requirements for security management, policies and procedures, network architecture, software design, and other critical protective measures. The requirements for enhancing payment account data security were developed by the PCI Security Standards Council, whose members include Visa, MasterCard and American Express, to help facilitate the broad adoption of consistent data security measures on a global basis. These requirements address such issues as:
- Maintaining a secure network through regular monitoring and testing
- Protection of cardholder data
- Maintaining an information security policy
- Regular monitoring and testing of networks
- Implementing strong access control measures
About IS Partners, LLC ─ IS Partners, LLC is a Certified Public Accounting firm registered with the AICPA (American Institute of Certified Public Accountants) and PCAOB (Public Company Accounting Oversight Board) specializing in performing SOC audits for service organizations in accordance with AICPA Attestation Standards. ISP is managed by a group of highly seasoned partners who also have vast experience in performing FISMA and HIPAA HITECH assessments, HITRUST Certifications, Sarbanes- Oxley (Section 404) management self-assessments, Model Audit Rule compliance, ISO 27001 and other specialized information technology audits.