Re: PCI Audit

[Brad Judy <brad.judy () CU EDU>]

Regardless of which vendor you choose, be sure to specify that the particular person assigned to your engagement have X 
numbers of years of experience in PCI and ask if they have anyone with higher ed experience who can be assigned.  Any 
company has staff with a wide variety of experience levels, and that’s especially true of the larger ones like 
Trustwave who have a number of new folks in addition to experienced ones.

Brad Judy

Information Security Officer
Office of Information Security
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu/>

[cu-logo_fl]


From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Ronald King <ronald.king () MORGAN EDU>
Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Friday, April 27, 2018 at 9:34 AM
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] PCI Audit

Colleagues,

My apologies if this question has been asked before, but, the last I found in the archives was from 2012.

We are looking for a vendor to conduct an audit of our current PCI posture. Do any EDUs have recommendations for a 
consultant or company to assess where we are now and possibly help manage PCI assessments in the future?

Thank you,
Ronald A. King, CISSP
Chief Information Security Officer
Morgan State University
Office:
(443) 885-3372
1700 E. Cold Spring Ln.
Email:
ronald.king () morgan edu<mailto:ronald.king () morgan edu>
Baltimore, MD 21251
URL:
http://www.morgan.edu

Growing the future ... Leading the 
world<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>