PCI Compliance SAQ A Policy Template and Requirements

November 13, 2020 • Published Categories PCI 101 Tags , , ,
PCI Compliance SAQ A Policy Template and Requirements

In this blog installment, I want to provide you with an SAQ A policy set that would cover those merchants that have outsourced all of their processing to a PCI-compliant third party. (Note that there is a significant difference between SAQ A and SAQ A-EP. … Read more

Understanding and Meeting PCI Compliance Policy Requirements

November 2, 2020 • Published Categories PCI 101 Tags , ,
Free PCI Compliance Policy Template

Regardless of the security or compliance framework you are mapping to, there will always be an established set of requirements stating that your business must have documented policies, procedures and standards in place. In this post I will clarify the difference between the three, and … Read more

What in the World is a Qualified Integrator and Reseller?

July 15, 2020 • Published Categories PCI 101 Tags ,
What is a Qualified Integrator and Reseller?

The PCI DSS self-assessment questionnaire can be challenging for non-technical people, especially when you don’t understand the different terms floating around inside it. “Qualified Integrator and Reseller” is one of those terms that is known to throw merchants for a loop. The PCI DSS question … Read more

The PCI Point-to-Point Encryption (P2PE) Program

June 8, 2020 • Published Categories PCI 101 Tags
PCI Point-to-Point Encryption (P2PE) Program

Excerpted from the ControlScan white paper, “Terminal Encryption for Security and PCI Compliance.” When the PCI Security Standards Council (SSC) released the first version of the PCI Point-to-Point Encryption (P2PE) standard in 2011, its goal was to help merchants obtain a path to compliance that … Read more