Organizations, nonetheless the size, POS vendors, financial institutions and software developers who create and operate the global platform for processing payments to handle card holder data are liable to comply with PCI DSS (Payment Card Industry Data Security Standard). The PCI DSS provides data security standards to assist merchants implement and process the security policies standards to protect their payment systems from data theft and corporate security breaches. The compliance standards ensures business merchants and service providers to establish a secure platform for payment solutions.
The card holder data are to surpass an audit and the business merchants of companies are to bespeak compliance with PCI standards. Self Assessment Questionnaire (SAQ) is one type of audit that applies with simple cardholder data environments which is completed by a business merchant or a service provider.
The PCI DSS Self Assessment Questionnaire is a tool to help business merchants and service providers validate in their level on PCI DSS Compliance through self assessment, in correspondence to payment brands..
Which SAQ best applies to your organisation?
The type of Self Assessment Questionnaire depends on the type of organization and on what type of transaction the merchant deals with.
Implied when the business merchants outsource the card holder data functions to a third party service provider.
Implied when E-commerce merchants who takes control of the website administration of the payment links and outsource their payment
Implied for call-out merchants and the business that do not involve any electronic cardholder data storage.
This is applied to merchants who handle PEDs which has the ability to function independently of any other hardware or software and are connected to the processor through IP connection.
Business that does not deal with electronic cardholder data storage that use virtual terminals for processing payments.
Merchants who process application-based payments through the internet with no electronic card holder information storage.
Merchant who are not eligible to take up Self Assessment Questionnaire types A and C.
Merchants with no electronic card data storage and who are involved with payment processed through hardware payment terminals are eligible to take up this particular type of Self Assessment Questionnaire.