Skip to main content

Firm Management

New York accounting firm Freed Maxick adds PCI Data Security services

Freed Maxick CPAs Offers PCI Data Security Service line, Expanding Technology Consulting Practice.

One of the largest local accounting firms in western New York has expanded its Technology Consulting practice with a new PCI Data Security service line.

Freed Maxick CPAs, P.C., which has offices in Buffalo, Syracuse, Rochester and Batavia, is offering the service to clients who are required to be compliant with the PCI Data Security Standard, which is vital for all merchants or service providers who store, process or transmit credit card data, online or offline.

From the world’s largest corporations to small ecommerce websites, compliance with the PCI Data Security Standard (PCI DSS) is essential, and Freed Maxick is the only local firm in Western New York registered as a Qualified Security Assessor (QSA) company with the Payment Card Industry Security Standards Council (PCI SSC). The PCI SSC was created in September 2006 to oversee the Payment Card Industry Data Security Standard (PCI DSS) and related assessment and certification programs.

Freed Maxick’s experienced team of information security professionals, including Qualified Security Assessors (QSAs) trained and certified by the PCI SSC, can help organizations develop and maintain a complete security program for PCI compliance. The practice group’s approach to PCI Data Security Standard compliance includes three types of services applicable to all service providers, managed hosting service providers and merchant levels:

  • PCI Data Security Standard assessment services – This review assesses an organization’s security against the controls listed in the PCI Self-Assessment Questionnaire and provides recommendations for remediating any identified control gaps.
  • PCI Data Security Standard remediation services – This service provides feedback on remediation actions targeted to close any identified PCI compliance gaps.
  • PCI Report on Compliance (ROC) – This independent validation of PCI Data Security Standard compliance provides an organization with a PCI ROC and practical recommendations for enhancing card processing systems’ security controls.

“In today’s fast-paced, information-rich business environment, successful organizations can get caught up in managing technology instead of using technology to help manage business,” said Larry Hessney, CIA, CISA, CSSBB, Director.

“Freed Maxick aims for continual expansion of our Technology Consulting practice, to better meet the needs of clients in an ever-changing world.  Compliance with data security standards is becoming increasingly important and can bring major benefits to businesses of all sizes, while failure to comply can have serious and long-term negative consequences. Our talented high performance team is here to help.”

The new PCI Data Security service line offering is one of many available to clients. Through these service lines Freed Maxick’s technology consultants aim to help their clients meet strategic objectives. These objectives include improving business performance, maximizing value to client customers, partners and suppliers, reducing costs and increasing profits with more efficiently run operations, and remaining at the fore front of the information economy, creating competitive advantage.