SAQ 4 U - Serving the small business
Self Assessment Questionnaire (SAQ)
What is it?
Why is it important?

Who is SAQ 4 U?
• A privately held business. Established to help small business owners with the first step toward complying with The Payment Card Industry – Data Security Standards (PCI-DSS).
• Industry professionals with a keen understanding of payment card security and PCI regulations.
• NOT a costly Qualified Security Assessor (QSA), because you don’t need to pay high dollars to complete an SAQ.

What is PCI-DSS?
As stated by the Payment Card Industry (PCI) Security Standards Council (SSC):
"The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data."
Source: http://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

PCI’s 12-Steps for compliance

Build and Maintain a Secure Network
• Requirement 1: Install and maintain a firewall configuration to protect cardholder data
• Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
• Requirement 3: Protect stored cardholder data
• Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
• Requirement 5: Use and regularly update anti-virus software
• Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures
• Requirement 7: Restrict access to cardholder data by business need-to-know
• Requirement 8: Assign a unique ID to each person with computer access
• Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks
• Requirement 10: Track and monitor all access to network resources and cardholder data
• Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy
• Requirement 12: Maintain a policy that addresses information security

What the card brands say (like VISA)
All merchants will fall into one of the four merchant levels based on payment card transaction volume over a 12-month period. Payment card transaction volume is based on the aggregate number of payment card transactions (inclusive of credit, debit and prepaid) that a merchant handles. Volume is based on the number of transactions stored, processed or transmitted by the merchant.

What “Merchant Level” are you?
Please note: AMEX and Discover requirements differ. Please call for more information.

Merchant “Validation” Requirements

What will SAQ 4 U accomplish for you?
We will:
• Meet with you and ask brief interview-type questions to understand your business.
• Determine which SAQ form is required for your business.
• Complete the appropriate SAQ form and walk you through the results and the Attestation of Compliance validation process.
• Answer any questions you have and make suggestions for improvements.

WHY SAQ 4 U?
• We know that a “Self-Assessment” Questionnaire can be done by you.
• We also know that most people can mow their own lawns or clean their own homes, but they still hire Gardeners and House Cleaners.
• We want you to run your business, NOT fill out forms and research requirements.

Where is SAQ 4 U?
• TEXAS: Serving Austin, San Antonio and Houston
• CALIFORNIA: Serving San Diego, Los Angeles and Orange County
Other locations being added fast. Call to request service in your area.

Next Step:
Call SAQ 4 U to schedule an appointment today.
CALL (713) 854-4410
or email Ralcala@saq4u-merchants.com
www.saq4u-merchants.com

Introduction To SAQ 4 U
