Frequently Asked Question

Why are there multiple PCI DSS Self-assessment Questionnaires (SAQs)?

The PCI Data Security Standard Self-assessment Questionnaire (SAQ) is a validation tool to assist merchants and service providers in demonstrating their compliance with the PCI Data Security Standard (PCI DSS) through a self- assessment, as permitted by the payment brands.

There are multiple versions of the SAQ to meet various scenarios, depending on how your organization stores, processes, or transmits cardholder data. For more information on how to complete the SAQ, please refer to the 'Self-Assessment Questionnaire Instructions and Guidelines', available in the Document Library.

Merchants should also consult with their acquirer (merchant bank) or the payment brands directly to determine if they are eligible or required to submit an SAQ, and if so, which SAQ is appropriate for their environment.

Last updated: November 2016
Originally published: July 2012
Article Number: 1133

Featured FAQ Articles