Payment Card Industry Data Security Standards (PCI DSS Services)

RubinBrown’s Cyber Security Services team has developed a combination of technical, procedural, and supporting services to assist our clients with PCI DSS compliance.

Credit card processing is a business requirement in our “cashless” and “no-touch” world, and still the target of cyber criminals around the world. Accepting credit cards as part of business requires compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.

While credit card compliance requirements are not new, the threats and technologies continue to evolve, as does the PCI DSS. RubinBrown is one of few public accounting firms that provide PCI DSS consulting, reviews, and formal assessments under the PCI DSS examination of compliance standards.

RubinBrown’s Cyber Security Services team has developed a combination of technical, procedural, and supporting services to assist our clients with PCI DSS compliance.

  • Scoping and assisting with reduction of your cardholder data environment (CDE),
  • Providing readiness assessments, consulting and compliance documentation support to keep your organization aligned with requirements, and
  • Conducting formal PCI DSS assessments for Service Providers and Merchants.

No matter where your organization is in the PCI DSS lifecycle, our team is ready to assist. Whether you are a small merchant looking for help, a Level 2 Merchant preparing for Level 1, or a Level 1 Merchant or Service Provider maintaining compliance, we can ease your compliance journey while still meeting the rigorous compliance requirements of the PCI DSS.
The following steps are critical in your compliance journey:
  1. Understand the scope – gaining an understanding of the scope and documenting it is the critical first step;
  2. Manage the scope – once the scope is well understood, manage it to ensure it only grows (or shrinks) by design;
  3. Reduce the scope – the key to keeping PCI DSS compliance costs to a minimum. Use authorized and recommended changes to the CDE to minimize the scope.

Proactive scope management can change the required Self-Assessment Questionnaire (SAQ) and significantly reduce the costs of ongoing compliance efforts. Balancing operational factors with compliance requirements can be complicated. Our team can help with the technical compliance efforts so you can focus on the business.
PCI DSS compliance management includes a combination of daily, weekly, monthly, quarterly, and annual activities. The activities need to be executed, evidenced, and tracked. We introduce simplified tools customized to your environment to collect compliance information and track activities.

We develop customized solutions for you ranging from annual updates and reviews, to periodic touchpoints to review compliance status and supporting evidence, or fully integrated support. Our compliance management support can be combined with our virtual Chief Information Security Officer (vCISO) services to manage the following, as needed:
  • enterprise cyber security,
  • PCI DSS, and
  • other compliance requirements

We conduct formal PCI DSS assessments for Merchants and Service Providers using tools and methods designed to quickly and efficiently assess your state of compliance. Our standard approach for conducting PCI DSS assessments includes annual planning sessions, mid-year updates, and a flexible 90-day assessment plan.

We have found that the 90-day plan provides sufficient time for reviews, sampling, interviews, evidence validation, remediation checks (if needed), and follow-up interviews.

When performing the PCI DSS assessment, we will:

  • assist with the identification and completion of the required SAQs,
  • complete the Report on Compliance (ROC), and
  • complete the Attestation of Compliance (AOC) that meets the needs of your Merchant or Service Provider environment.
Our methodology for technical assessments leverages aspects of NIST SP800-115, the Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Payment Card Industry Data Security Standard (PCI DSS) and our team members’ experience.

Our technical assessment team can assist with the required assessments including:

  • External Vulnerability and Penetration Testing
  • Internal Vulnerability and Penetration Testing
  • Network Segmentation Testing
  • Firewall Rule Set Reviews
  • Web Application Security Assessments

Contact Us

Audrey Katcher, CPA, CISA, CITP, CGMA Partner audrey.katcher@rubinbrown.com 314-290-3420
Robert Rudloff, CISSP, CISA, QSA, CMMC RPA Partner rob.rudloff@rubinbrown.com 303-952-1220

© 2025 RubinBrown LLP