Epicor Easy SAQ

The program features an online validation tool, enabled by SecurityMetrics, which helps you complete the steps necessary for your PCI DSS certification. There are two components required to validate your business: the self-assessment questionnaire and conducting a vulnerability scan.

Once you register for the program, the platform will ask a few questions to determine the appropriate PCI wizard for your business. The wizard helps you fill out the correct self-assessment questionnaire to enable prepopulated answers where applicable, and a comprehensive Epicor PCI guidance document that explains each question in plain English. The tool will also identify if you require vulnerability scanning.

The registration process helps present a pathway for certification that’s not overly complex.

• If needed, a proprietary scanning engine tests your system for more than 5,000 network operating system and application vulnerabilities.
• Dashboard displays your status for security and certification.

• Access the guide right from the online tool.
• Step-by-step guidance helps you make sense of each SAQ question.

• Quarterly audits help keep you apprised of any changes to laws and assist you in maintaining your PCI compliance.
• SecurityMetrics's tool can help detect storage of prohibited data, such as payment card track data.

Upon registration, you will also be automatically enrolled in data breach coverage, enabled by Royal Group Services®, an electronic payments industry expert. In case of a data breach, your business will be covered for up to $100,000 of any resulting costs.

• Covered costs include forensic audits, card replacement, and fines resulting from suspected or actual data breaches (up to limit).
• 100% underwritten by strong insurance organizations rated “A” by independent third-party rating agencies.

• Access PCI assistant tutorials and online help at your fingertips.
• Develop and document data security policies and procedures using the Security Policy Advisor tool.
• Find security awareness training online modules for many employees' roles.
• Receive ongoing updates regarding changes in laws and how it will affect your PCI compliance.

• The SecurityMetrics portal helps you work toward PCI compliance and protects your business for the long term.
• The portal protects customers from network hacking, skimming, and even physical losses resulting from employee dishonesty or third-party theft of computer or paper records.

As a Qualified Security Assessor company (QSA-C), SecurityMetrics allows compliance auditing and consulting if you require a Qualified Security Assessor (QSA).

• Protect sensitive information while in transit with encryption protocols.
• SecurityMetrics's data centers utilize multiple protection layers and devices to segment these layers.
• Access to data is tightly controlled.