Document Comparison
PCI-DSS-v3_2-SAQ-C.pdf
→
PCI-DSS-v3_2-SAQ-C-rev1_1.pdf
97% similar
55 → 55
Pages
12548 → 12689
Words
2
Content Changes
From Revision History
- October 2008 1.2
Content Changes
2 content changes. 26 administrative changes (dates, page numbers) hidden.
Added
p. 2
Requirements added from PCI DSS v3.2 Requirements 8, 9, and Appendix A2.
January 2017 3.2 1.1 Updated Document Changes to clarify requirements added in the April 2016 update.
Added footnote to Before You Begin section to clarify intent of permitted systems.
Checkboxes fixed in Requirements 8.1.6 and 11.3.4.
Section 2
• PCI DSS Self-Assessment Questionnaire (SAQ C) 1 This criteria is not intended to prohibit more than one of the permitted system type (that is, a payment application system) being on the same network zone, as long as the permitted systems are isolated from other types of systems (e.g. by implementing network segmentation). Additionally, this criteria is not intended to prevent the defined system type from being able to transmit transaction information to a third party for processing, such as an acquirer or payment processor, over a network.
January 2017 3.2 1.1 Updated Document Changes to clarify requirements added in the April 2016 update.
Added footnote to Before You Begin section to clarify intent of permitted systems.
Checkboxes fixed in Requirements 8.1.6 and 11.3.4.
Section 2
• PCI DSS Self-Assessment Questionnaire (SAQ C) 1 This criteria is not intended to prohibit more than one of the permitted system type (that is, a payment application system) being on the same network zone, as long as the permitted systems are isolated from other types of systems (e.g. by implementing network segmentation). Additionally, this criteria is not intended to prevent the defined system type from being able to transmit transaction information to a third party for processing, such as an acquirer or payment processor, over a network.
Modified
p. 4
Your company has a payment application system and an Internet connection on the same device and/or same local area network (LAN); The payment application system/Internet device is not connected to any other systems within your environment (this can be achieved via network segmentation to isolate payment application system/Internet device from all other systems); The physical location of the POS environment is not connected to other premises or locations, and any LAN is for a single location only; …
Your company has a payment application system and an Internet connection on the same device and/or same local area network (LAN); The payment application system/Internet device is not connected to any other systems within your environment (this can be achieved via network segmentation to isolate payment application system/Internet device from all other systems)1; The physical location of the POS environment is not connected to other premises or locations, and any LAN is for a single location only; …