A PCI security audit means that via interviews and technical inspections, FortConsult evaluates whether your security is in order on the basis of VISA′s checklist of more than 200 items. We send this evaluation to VISA, which carries out the formal security approval based on our recommendation.   The PCI security audit focuses on security within and around the systems that process and store credit card numbers - i.e. servers, development environments, backup systems and similar.   Our audit includes examination of the following areas: Location and configuration of firewall(s) Password policy and passwords on network units Security of saved data - incl. deletion, masking of data, access to data, encryption and backup Encryption of data transmitted via the Internet, by e-mail and via wireless network Working procedures for patching and updating of antivirus Procedures for secure development and testing Restriction of employees′ access to card data Restriction and monitoring of physical access Physical destruction of information on all types of media Monitoring of events on equipment and network Advanced IT and IT security policy Existence of an acceptable IT emergency plan   FortConsult has extensive experience in carrying out security audits at different security levels for both financial and non-financial enterprises. We always customise our security audit, StaySafeTM, to our customers on the basis of the degree of security they wish to have. If you wish to have more than, or an alternative to, a PCI security audit, we can for example include other IT systems in the audit such that it covers Internet systems, web solutions, employees working from home, subsidiaries and internal networks. FortConsult is the only Danish company that is certified by VISA and MasterCard to carry out both security scans and security audits of business enterprises′ critical payment systems in accordance with the PCI standard.