The selected Contractor will be responsible for evaluating the payment/credit card security processes and controls consistent with applicable PCI Data Security Standards (DSS) requirements, providing a gap analysis and recommendations for meeting any identified gaps, assisting with corrective actions and compensating controls, and certifying compliance with the current PCI DSS version. The Contractor will be required to conduct onsite and remote assessments of different payment channels and provide the State with an Attestation of Compliance, Draft Report on Compliance, and a final Report on Compliance. The Contractor will also provide subject matter expertise to provide guidance to the State’s internal PCI compliance team. On an as needed basis, the Contractor will conduct consulting services and all other services which may aid the State in maintaining PCI compliance.
