paymentprocessing

All Merchants must complete compliance training & surveys by May 30th, 2009.

PCI Training - All credit card merchants are required to take this course each year

Annual Compliance Survey

	SAQ A (Third-Party Merchants)
	SAQ B (Terminal Merchants)
	SAQ C & D - For merchants that do not qualify to take the self-assessment (SAQ A or B), you must use a qualified, UC-approved security assessor:
	Instructions and guidelines - For an in-depth look at completing your self-assessment survey

Trustwave Contact Information: 612 W. Main St. Suite 200 Madison, WI 53703 800.363.1621 support@trustwave.com http://www.trustwave.com

• Memo on campus PCI compliance

• Standard contract language for contracts involving credit card payments

• Payment Card Industry (PCI) Standards
   

• PCI Audit Guide -- an in-depth look at what to do if a security breach takes place

• UCOP Information Security Policy

• Note: Please contact the Terminal Support Team directly to very whether your payment application is on the Prohibited Applications List.
   

The Payment Card Industry (PCI) Data Security Standard (DSS) and supporting documents represent a common set of industry tools and measurements to help ensure the safe handling of sensitive information. The standard provides an actionable framework for developing a robust account data security process - including preventing, detecting and reacting to security incidents.

To reduce the risk of compromise and mitigate its impacts if it does occur, it is important that all entities storing, processing, or transmitting cardholder data be compliant.