21.2.2 Validate PCI Compliance Annually
Policy Statement
All units that accept credit/debit cards must follow the Payment Card Industry Data Security Standard (PCI DSS) for credit/debit card security. Units must validate their compliance with the PCI Standard each year.
Before you change how you process credit/debit payments, contact Merchant Card Services to ensure that you remain in compliance. You may need to re-validate your compliance before your next scheduled annual validation.
Procedure
To validate PCI compliance annually:
- The unit fiscal officer receives an email reminder from Merchant Card Services.
- Log on to the website URL contained in the email and follow the instructions to complete a Self-Assessment Questionnaire (SAQ). If you have difficulties answering the questions, contact Merchant Card Help at MerchantCardHelp@uillinois.edu or 217-244-9384.
- Confirm that all staff are staying current with their annual Payment Card Data Security training.
- Merchant Card Services reviews the questionnaire and may contact the unit if there are any outstanding issues.
10 Implement Internal Controls for Handling Cash and/or Checks
PCI Security Standards Council
Payment Card Data Security Training
Last Updated: April 13, 2012 | Approved: Senior Associate Vice President for Business and Finance | Effective: November 2008