FOR IMMEDIATE RELEASE
BKD conducted an assessment of City departments’ Payment Card Industry Data Security Standard administration commencing Aug. 16 and ending Oct. 31, 2021 and presented the report at City Council’s Jan. 12 Finance & Administration Committee meeting.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card brands. The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.
The City has multiple departments that use a combination of e-commerce, telephone order and card present payment channels.
BKD noted seven observations. An observation is defined as “an opportunity to enhance compliance with PCI requirements and may be considered a best practice. An observation may also be an item that we noted should be brought to management’s attention that does not specifically relate to a Self-Assessment Questionnaires (SAQ) question.”
All City of Springfield audits and data sets are available at springfieldmo.gov/opendata.
For more information, please contact Cora Scott at 417-380-3352.