A PCI audit examines the security of your organization's credit-card processing system from beginning to end. During this process, a Qualified Security Assessor (QSA) or your own Internal Security Assessor will determine the effectiveness of your organization's information security controls.