PCI Compliance

PCI DSS is a written set of standards that contain technical requirements that are in place to protect the process of credit card transactions.  This standard has been in existence for years, requiring any merchant that processes, transmits, or stores customer’s cardholder data to be PCI compliant.

Because we handle credit card transactions on our campus, we are held to the PCI DSS set of standards

Besides the requirement of being compliant with the PCI DSS standards, it is important for us to meet these standards so that we can protect our customers from hackers and thieves, keep their trust, and protect our CSU Pueblo name.

Help our campus avoid fines and lawsuits
If even one of our departments were to have a breach, we all may be dealing with fines and lawsuits from our customers, our government, card brands, and more.  By being PCI compliant, we can reduce or even avoid these fines and protect our reputation.

What we are doing on campus
Our Business Financial Services (BFS) and Information Technology Services (ITS) are working together to lead the way in our compliance.

• Keep our CSU Pueblo Financial Procedure Statement (FPI 6-6 PCI DSS) up-to-date. You can find that FPI here: Financial Procedure Statement
• Perform regular routine audits with each department on campus that processes credit card transactions. Building a required annual training program
• Forming a formal PCI DSS Committee and Charter with representation from each department on campus that processes credit card transactions.
• Follow the compliance verification process using the PCI Compliance Manager set of tools

For more information on our PCI DSS compliance efforts, please contact Mark D. Gonzales, Information Security Manager  mark.gonzales@csupueblo.edu