PCI DSS SAQ C Compliance | Forms | Questionnaires | Self-Assessments | PCI Security Policies

PCI DSS SAQ C – specifically, the actual questionnaire and accompanying forms – are an important component of the PCI DSS “self-assessment” process for many merchants involved in the storing, processing, and/or transmission of cardholder data.  PCI DSS SAQ C is specifically geared towards merchants that process cardholder data via payment applications (i.e., point of sale systems) connected to the Internet (i.e., Cable Modem, DSL), but actually do not store any cardholder data.
Requirements for allowing Merchants to use SAQ C for PCI DSS Compliance
Before beginning the process with SAQ C, please confirm the following (according to the actual SAQ C document available at

•    You have a payment application system and an Internet connection on the same device and/or same local area network (LAN).
•    The payment application | Internet device is not connected to any other systems within your environment (which can be effectively achieved through network segmentation).
•    You company store is not connected to other store locations, and any LAN is for a single store only.
•    Your company only retains paper reports or paper copies of receipts.
•    Your company does not store cardholder data in electronic format, and;
•    You company’s payment application vendor uses secure techniques to provide remote support to your payment system.

PCI SAQ C Policies and Procedures Templates for Compliance | Download Today
If you meet the above stated conditions, then self-assessing with PCI SAQ C is allowed, which also requires documented PCI policies and procedures for compliance.  Specifically, PCI SAQ C mandates compliance with Requirements 1 – 9 and 11 – 12 (Requirement 10 is omitted). Remember that the actual PCI DSS standards contain twelve (12) “Requirements” (i.e., sections).   Additionally, a large part of compliance with SAQ C is the various policies and procedures needed, for which merchants can obtain example PCI security policies right now from  Just purchase the SAQ C policy and procedure templates, then follow the PCI SAQ Certification process steps as discussed by  PCI compliance doesn’t have to be a challenging and taxing process, so trust the experts at for all your PCI security policies. also offers policy and procedure writing services, along with PCI policies and procedures for all other SAQ reporting mandates (A, B, C-VT, D, P2PE-HW), including Level 1 onsite assessments by an actual PCI-QSA.  Contact us today to learn more and sign up for the training webinars, free of charge.

Talk with one of our experts!

You're In

We just sent our latest PCI DSS Starter Toolkit right to your inbox.

You're In

Be sure to check your inbox... we just sent you our latest PCI DSS Starter Toolkit.

Where can we send your free PCI DSS Toolkit?

Privacy - We hate spam too and promise to keep your email address safe!



Access our most powerful toolkit yet!
Here’s what’s included…