Home > Services > Compliance > Self Assessment Questionnaire


Self Assessment Questionnaire

If an organization processes credit cards it is obligated to comply with PCI DSS regardless of its size, type or volume of those transactions. The PCI DSS Self-Assessment Questionnaire (SAQ) is a validation tool for merchants and service providers that are not required to undergo a full on-site data security assessment. The purpose of the SAQ is to assist organizations in self-evaluating compliance with the PCI DSS. There are multiple versions of the SAQ to meet various business scenarios, ranging from SAQ A being the simplest, to SAQ D being the most complex and almost an equivalent to full PCI Standard assessment.

Visa has mandated that all Canadian merchants who complete the SAQ have the process validated by a QSA. This means that an organization needs to find a QSA to validate their compliance results.