2024 PCI Compliance Review Memo

Report Highlights

February 10, 2025

The Salt Lake County Auditor's Office reviewed compliance with Countywide Policy 1400-7, which requires agencies and contractors to submit PCI DSS compliance documentation to the County Auditor by September 30th. Of the 21 entities reviewed, 15 (71%) met the deadline, while six (28%) submitted late due to staff absences, technical issues, and signature delays. Criminal Justice Services was exempt as it no longer processes payments.

While late submissions did not impact PCI DSS compliance, adhering to policy deadlines is crucial for effective risk management.