¾ÅÉ«ÊÓƵ

Skip to main content

Merchant Manual Instructions

SAQ A merchant manual

Section 1 – Departmental Merchant Agreement

Section 2 – Annual PCI Self-Assessment Questionnaire

Section 3 –

Section 4 – Department Policies and Procedures and Annual Policy Acknowledgment

Section 5 – Third-Party Service Providers Documentation

Section 6 - PAN Scan Results

Section 7 –

 

SAQ A Merchant Manual Yearly Upkeep Steps
  1. Review your policies and procedures annually and indicate the review took place on your "Revision History" of your policies.
  2. Distribute the new policies to your staff and have them complete the Annual Policy Acknowledgement.
  3. Complete and sign the SAQ A annually.
  4. Make sure 3rd party documentation is updated annually.
  5. Make sure to have a new PAN scan performed annually. 
  6. Enroll staff, complete the annual online security training, and update your .

 

SAQ B merchant manual

Section 1 – Departmental Merchant Agreement

Section 2 – Annual PCI Self-Assessment Questionnaire

Section 3 – Cardholder Data Flow Diagram (use the data flow from the Operational policies and procedures)

Section 4 – Department Policies and Procedures and Annual Policy Acknowledgment

Section 5 – Third-Party Service Providers Documentation

Section 6 – PAN Scan Results

Section 7 – Terminal Security Section

             

             

             

             

             

Section 8 –

 

SAQ B Merchant Manual Yearly Upkeep Steps
  1. Review your policies and procedures annually and indicate the review took place on your "Revision History" of your policies.
  2. Distribute the new policies to your staff and have them complete the Annual Policy Acknowledgement.
  3. Complete and sign the SAQ B annually.
  4. Make sure your 3rd party documentation is updated annually.
  5. Make sure to have a new PAN scan performed annually.
  6. Enroll staff, complete the annual online security training, and update your .
  7. Perform your periodic physical inspections of your terminal(s).
 
P2PE merchant manual

Section 1 – Departmental Merchant Agreement

Section 2 – Annual PCI Self-Assessment Questionnaire

Section 3 – Cardholder Data Flow Diagram (use the data flow from the Operational policies and procedures)

Section 4 – Department Policies and Procedures and Annual Policy Acknowledgment

Section 5 – Third-Party Service Providers Documentation

Section 6 – PAN Scan Results

Section 7 – Terminal Security Section

             

             

             

             

             

Section 9 –

Section 10 - PIM (P2PE Installation Manual)

 

SAQ P2PE Merchant Manual Yearly Upkeep Steps
  1. Review your policies and procedures annually and indicate the review took place on your "Revision History" of your policies.
  2. Distribute the new policies to your staff and have them complete the Annual Policy Acknowledgement.
  3. Complete and sign the SAQ P2PE annually.
  4. Make sure your 3rd party documentation is updated annually.
  5. Make sure to have a new PAN scan performed annually.
  6. Enroll staff, complete the annual online security training, and update your .
  7. Perform your periodic physical inspections of your terminal(s).
  8. Review your PIM (P2PE Installation Manual) annually to ensure it is up to date.

Reviewed 2024-07-10