PCI DSS Self-Assessment Services Assisted SAQ
The current PCI DSS standard includes more than 300 control requirements across 12 higher-level requirement sections. Depending on the number of annual transactions a merchant or service provider processes, the merchant or service provider is assigned to a Tier level. Companies in the highest-volume tier (Tier 1) are required to perform a full Report on Compliance assessment.
The other tiers are required to complete a self-assessment questionnaire (SAQ). For clients that can perform a self-assessment questionnaire, the process should be the same as a Report on Compliance in terms of control evaluation and documentation, except that SAQ clients are allowed to self-evaluate and write their own required questionnaire.
1 Cyber Valley has QSAs who have been performing PCI assessments for many years across multiple industries. Once our 1 Cyber Valley QSA is brought in, the QSA will start the assessment by working with your team to gather evidence before the onsite days. The QSA will spend time reviewing this evidence pre-onsite to ensure the QSA has a strong understanding of your environment, business processes and in-place controls.