PCI Documentation

Below is a reminder of the documentation you should be obtaining or creating every year for each of your payment flows, based on SAQ type. If there is anything you need assistance with, please feel free to reach out to [email protected].

SAQ A:

  • Attestation of Compliance of Payment Processor
  • Attestation of Compliance of Third-Party Application
  • Scanning Results

SAQ B:

  • Attestation of Compliance of Payment Processor
  • Verification of PTS POI Devices against PCI Listed Devices
  • Inventory List
  • Inspection Logs
  • Scanning Results

SAQ C-VT:

  • Attestation of Compliance of Payment Processor
  • Segmentation Test Results
  • Scanning Results

SAQ C:

  • Attestation of Compliance of Payment Processor
  • Attestation of Compliance of Third-Party Application
  • Segmentation Test Results
  • Scanning Results
  • Inventory List
  • Inspection Logs
  • Verification of Audit Logging

SAQ P2PE:

  • Attestation of Compliance of Payment Processor
  • P2PE Certification from PCI SSC
  • Inventory List
  • Inspection Logs