pci dss saq.pdf
Questionnaire SAQ A-EP
Build and Maintain a Secure Network and Systems: 45 questions to be completed
Protect Cardholder Data: 7 questions to be completed
Maintain a Vulnerability Management Program: 30 questions to be completed
Implement Strong Access Control Measures: 35 questions to be completed
Regularly Monitor and Test Networks: 48 questions to be completed
Maintain an Information Security Policy: 18 questions to be completed
Build and Maintain a Secure Network and Systems
Install and maintain a firewall configuration to protect cardholder data
Are firewall and router configuration standards established and implemented to
include the following:
Is there a formal process for approving and testing all network connections and
changes to the firewall and router configurations?
Compensating Control X Yes
Is there a process to ensure the diagram is kept current?
Is there a current network diagram that documents all connections between the
cardholder data environment and other networks, including any wireless networks?
Is there a current diagram that shows all cardholder data flows across systems and