Posts Categorized: SAQ

PCI DSS Mandatory Risk Ranking

PCI requirement 6.2 “Establish a process to identify and assign a risk ranking to newly discovered security vulnerabilities” includes the additional note: “The ranking of vulnerabilities as defined in 6.2.a is considered a best practice until June 30, 2012, after which it becomes a requirement.” As the summer (at least in the Northern Hemisphere) is… Read more »

SAQ Eligibility Guide

Choosing the right Self Assessment Questionnaire (‘SAQ’) can be a very tricky task, especially for merchants with multiple payment channels. The PCI SSC introduced five different SAQs: SAQ A – Card-not-present Merchants, All Cardholder Data Functions Outsourced. SAQ B – Merchants with Only Imprint Machines or Only Standalone, Dial-Out Terminals. No Electronic Cardholder Data Storage…. Read more »