Payment card industry
(PCI) compliance
Payments and refunds
Payment card industry (PCI) compliance
The Division of Finance's Accounting Operations provides training, information, and resources about Payment Card Industry (PCI) standards and procedures.
The Finance Compliance Coordinator is Becky Yorgason [email protected]
PCI training for state employees, vendors, and volunteers
Contact [email protected] to arrange staff assignments for the training.
Links to PCI requirements & resources to get started
Division of Finance credit card policy (FIACCT 07-08.00)
Division of Finance credit card mobile payment applications policy (FIACCT 07-08_01)
Chase mobile standards document with hardening procedure for iOS and Android
Division of Technology Services Mobile Device Management
Credit card payment implementation checklist for state agencies
Understanding the PCI-DSS self assessment questionnaire
PCI service options
Payment card industry data security standard (PCI DSS)
SAQ instructions and guidelines
PCI security standards council
document library
Download PCI self-assessment questionnaires (SAQs) & worksheets
SAQ B
Used for standalone, dial-out terminals with no electronic cardholder data storage.
SAQ B-IP
Used for standalone, IP-connected terminals; no electronic cardholder data storage.
SAQ C
Used for payment application systems connected to the Internet, no electronic cardholder data storage.
SAQ C-VT
Used with web-based virtual terminals; no electronic cardholder data storage.
SAQ D
Used with in-person transactions, not outsourced; may have electronic cardholder data storage.