Case Study: Church Community Builder achieves ongoing PCI Level 1 compliance with ControlScan

How Controlscan Helps A High-Transaction, Cloud-Based Software Company Stay PCI Compliant Year After Year

Church Community Builder, a cloud-based software company serving churches, needed to protect sensitive payment data and achieve PCI DSS Level 1 Service Provider compliance as its transaction volume grew into the hundreds of millions annually. Facing a complex, cloud-based payments environment and an upcoming audit, the company turned to ControlScan for PCI guidance and a PCI Gap Analysis to reduce scope and identify security gaps early.

ControlScan provided ongoing PCI DSS compliance consulting, an on-site QSA audit, and vulnerability scanning, helping Church Community Builder build a sustainable compliance program rather than a one-time fix. The result was four successful years as a PCI Level 1 Service Provider, with reduced stress, better process consistency, and fewer man hours spent on compliance—demonstrating that ControlScan helped them maintain compliance year after year.

Church Community Builder

Jonathan Sahhar

Technology Operations Lead