Compliance Solutions PCI SAQ Assessment

PCI SAQ Assessment

The Payment Card Industry (PCI) Data Security Standard (DSS) is an information compliance standard for the Payment Credit Card Industry which has replaced older inconsistent standards that were imposed by various credit card brands. Merchants use credit card information to process transactions, while processors store and manipulate cardholder information. Level-2 through level-4 merchants must complete and submit a Self Assessment Questionnaire annually in order to satisfy the requirements of their bank credit card providers.


Busy IT departments must complete the PCI DSS Self Assessment Questionnaire in order to avoid harsh fines and penalties. Many IT departments lack the competence and staff to complete the questionnaire with accuracy, precision, and independence.

KRAA Security provides an independent review of controls applied to the IT infrastructure geared toward companies that are required to complete the PCI DSS Self Assessment Questionnaire. Our approach is to help limit the scope of the review and focus only on the systems, networks, and processes associated with cardholder information. We alleviate management and the IT staff from the onerous task of interpreting, evaluating, and reporting on PCI DSS compliance while providing independence. We will review current state of all PCI assets connected to the internal network and perform a vulnerability analysis.

The PCI Security Assessment will produce a comprehensive report that includes an executive overview, findings, and recommendations. We will also complete and deliver the PCI Self Assessment Questionnaire to management, in a formal presentation. During the engagement we will collect IT policies, procedures, interview key employees, randomly test controls to validate compliance with security policies and procedures.

Compliance Software

KRAA Security uses the Razient compliance software to streamline the assessment process, collaborate between our staff and the client and reduce the cost of conducting an assessment.
  • The Razient software-as-a-service application walks through each step of the assessment taken by our consultants
  • Each question is tracked and documentation collected in a centralized portal, ensuring no step is missed
  • Recommendations for each gap are already developed for quick remediation

For more information Contact Us