Can SAQ eligibility criteria be used for determining the applicability of PCI DSS requirements for assessments documented in a Report on Compliance?
Reposted from PCI Website. Service providers cannot use SAQ eligibility criteria to determine the applicability of PCI DSS requirements for assessments documented in a Report on Compliance. The only acceptable SAQ for service providers is SAQ D for Service Providers. All other SAQs are intended for merchant use only. Merchants with environments that fully meet all…