Audit Procedures
All processing departments undergo a payment card processing security audit semi-annually. The date of the audit is determined by Credit Card Operations in coordination with department availability. In order to prepare for the audit, department personnel involved in payment card processing need to ensure that:
- All personnel involved in payment card processing are current with annual training offered by Credit Card Operations.
- Departmental representatives must:
System Usage Waivers
Departments that use external systems to need to complete the System Usage Waiver to prepare for the audit.
This includes any system that:
- Connect to CASHNet or any other payment gateway
- Act as a payment gateway
- Accept Payments on behalf of the University of Arkansas, University of Arkansas Foundation or Arkansas Alumni Association
Credit Card Operations will contact you for your additional documentation. Additional documentation can be but is not limited to.
- Contract with Vendor
- Vendor Attestation of PCI compliance
- Vendor’s last passing PCI ASV Scan