Navigating the New PCI 3 Self-Assessment Questionnaires (SAQs)

March 19, 2014 6:45pm EDT

The updated PCI 3 standards are creating confusion for merchants and service providers. What used to be one SAQ has expanded into nine (9) versions. You must select and complete the appropriate questionnaire based on how you do business (ecommerce, face-to-face, phone/fax order, etc.) AND how you accept and process credit/debit payments.

During this webcast from the SCMagazine Spring 2014 ePCI conference Jeff Man introduces the nine SAQs, presents an overview of what’s new/different, and helps you answer the question, “Which SAQ do I use?”

Note: some of the new SAQs require external scanning by an ASV (Approve Scanning Vendor). Jeff will point out when this applies and briefly describe how Tenable solutions help satisfy your PCI compliance requirements, while also strengthening your overall security posture.

Jeff Man


Jeff Man, Product Marketing Manager, Tenable Network Security (and former QSA)


Jeffrey Man is Tenable’s product marketing manager for Nessus Perimeter Service and PCI solutions. His more than 30 years of experience include 10 as a certified QSA, most recently with AT&T Consulting Services. Earlier in his career, Jeff held security research, management and product development roles with the NSA, DOD and private-sector enterprises.