Category: Blog

Which PCI DSS SAQ do I use?

If you’re looking for a PCI DSS SAQ, this should mean you’re eligible to assess your PCI DSS compliance using a Self Assessment Questionnaire. Can I use a PCI SAQ? Eligibility for this is determined by the card brands themselves, rather than the PCI Security Standards Council. This is ultimately determined by what level the…

Read the full article

What is a PCI ASV?

If you’ve just started dealing with the world of PCI DSS compliance, you’re going to learn that ASVs come up a lot. For even the lowest levels of merchants and service providers, the one thing required other than an SAQ is to conduct quarterly ASV scans. So what is an ASV? ASV stands for Approved…

Read the full article

Where can I download PCI DSS ROC template?

The PCI Security Standards Council has copies of the Report of Compliance (ROC) reporting template available to download as a PDF in their Document Library. The direct link to download the version 3.2.1 ROC reporting template is: https://www.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-ROC-Reporting-Template.pdf The PCI Security Standards Council also have AOC reporting templates available.

What is a PCI QSA?

When you’re dealing with PCI DSS compliance, the term QSA comes up a lot. So what is a QSA? It’s a good question, because the term ‘QSA’ can refer to at least 3 related things. The term QSA itself stands for Qualified Security Assessor, which is a qualification issued by the PCI Security Standards Council.…

Read the full article