PCI DSS SAQ Compliance Identifier Tool

Comply with PCI DSS v4.0

The PCI DSS SAQ Compliance Identifier Tool is the easy and cost-effective way to identify what SAQ your organization needs to complete to validate compliance with PCI DSS v4.0. Simply answer a series of multiple-choice questions by selecting from a drop-down list of responses, and the tool will provide the closest SAQ match based on those responses. You will also receive customized feedback (details below) for your organization to consider on the road to compliance. Your chosen SAQ match will then be broken down into sub-requirements, where you can track your implementation status and assign responsibilities.

Organizations that already have the right payment method in place for a given SAQ can use the tool to identify where you do not meet all the SAQ’s conditions and advise on the changes you need to make to qualify for that SAQ. The tool will also recommend what alternative payment or account data processing method is suitable and would make PCI DSS compliance significantly easier, if you do not already qualify for a simpler SAQ.

What does the tool include?

• Identify your organization’s SAQ without hiring a consultant – it is cost-effective
• Detailed user instructions on how to use the tool to identify your SAQ and learn how you might reduce your compliance scope
• A separate tab with definitions used throughout the tool and relevant to PCI DSS v4.0
• A customizable fields tab, allowing you to tailor implementation status descriptions and responsibilities to your organization’s preferences and needs
• The ‘Payment questions’ tab, where you can easily answer multiple-choice questions about how your organization takes payments
• A results tab that displays your SAQ result and useful information about that SAQ, as well as tailored feedback on how to maintain compliance, reduce your scope, or easily complete your SAQ
• An implementation tracker on a sub-requirement level, where you can track implementation statuses and responsibilities
• An SAQ–requirement mapping tab, which maps each SAQ against the Standard’s 12 high-level requirements and sub-requirements, to easily compare and filter SAQs
• Excel-based and macro-free for ease of use

If you want to complete multiple assessments to compare implementation of different SAQs, we advise keeping a template version of the tool to copy for each assessment.

The tool is designed to work in any Microsoft environment; it does not need to be installed like software, and does not depend on complex databases. It relies on human involvement.

The tool is not designed for conducting a detailed gap analysis or audit, which require a more granular assessment or dedicated tool. If you require specialist help in this area, please contact us.