Per international regulatory requirements, PCI DSS (Payment Card Industry Data Security Standards) must be tested regularly through a combination of assessments, audits, and validations to ensure that all organizations that handle payment card data are compliant with the security standards. These assessments can be conducted by the organization itself, internal audit teams, or external Qualified Security Assessors (QSAs).
UCSF has implemented the use of Total Compliance Tracking (TCT) as an online tool to allow merchants to complete SAQs as required, depending upon their method(s) of payment acceptance, including the attachment of any necessary support documentation in a method that allows for efficient compilation, retention and reporting to the PCI Security Council as required.
This 47-minute webinar (Microsoft 365 login required) is intended for UCSF Merchant Managers and introduces TCT and the various self-assessment questionnaires in use at UCSF. It was recorded on December 5, 2023.