PCI DSS SAQ B Compliance | Self-Assessment Questionnaires and Forms | PCI Compliance Policies
PCI DSS SAQ B – specifically, the actual questionnaire and accompanying forms – are an important component of the PCI DSS “self-assessment” process for many merchants involved in the storing, processing, and/or transmission of cardholder data. PCI DSS SAQ B is specifically geared towards merchants that process cardholder data via imprint machines, or standalone dial-out terminals. Furthermore, SAQ B merchants may be a traditional brick-and-mortar entity, or even e-commerce, mail and telephone order merchants.
Requirements for allowing Merchants to use SAQ B for PCI DSS Compliance
Before beginning the process with SAQ B, please confirm the following (according to the actual SAQ B document available at pcisecuritystandards.org):
• Your company uses only imprint machines and/or uses only standalone, dial-out terminals (connected via a phone line to your processor) to take your customers’ payment card information.
• The standalone, dial-out terminals are not connected to any other systems within your environment.
• The standalone, dial-out terminals are not connected to the Internet.
• Your company does not transmit cardholder data over a network (either an internal network or the Internet).
• Your company retains only paper reports or paper copies of receipts with cardholder data, and these documents are not received electronically, and;
• Your company does not store cardholder data in electronic format.
PCI SAQ B Policies and Procedures Templates | Download Today | Become Compliant
If you can effectively answer “yes” to the above conditions, then self-assessing with PCI SAQ B is permitted – which you should know requires documented PCI policies and procedures for compliance – for which pcipolicyportal.com has developed specifically for SAQ B. Moreover – as for SAQ B – merchants will need PCI compliance policies for a number of different areas, such as Requirements 3, 4, 7, 9, and 12. Your answer – purchase the SAQ B policy and procedure templates, then follow the PCI SAQ Certification process steps as discussed by pcipolicyportal.com – it’s that easy.
pcipolicyportal.com also offers policy and procedure writing services, along with PCI compliance policies for all other SAQ reporting mandates (A, C, C-VT, D, P2PE-HW), including Level 1 onsite assessments by an actual PCI-QSA. Contact us today to learn more and sign up for the pcipolicyportal.com training webinars, free of charge.