Full Name
*
First Name
Last Name
Company Name
*
Website
*
Email
*
example@example.com
Title
*
How did you hear about us?
*
Please Select
Drata
Vanta
Social Media
Google
PCI Service(s) Needed
*
PCI Advisory/Readiness Assistance
Assisted Self-Assessment Questionnaire (SAQ)
Report on Compliance (ROC)
Not Sure
If you need to complete a Self-Assessment Questionnaire, what is your SAQ type?
*
Please Select
SAQ A
SAQ A-EP
SAQ B
SAQ B-IP
SAQ C-VT
SAQ C
SAQ P2PE
SAQ SPoC
SAQ D - Merchant
SAQ D - Service Provider
Not Sure
Click Here for More Information regarding SQAs
X
PCI Classification
*
Service Provider
Merchant
Not Sure
Number of annual credit/debit transactions
*
Please Select
0-20,000
20,000-300,000
300,000-1 Million
1 Million - 6 Million
Over 6 Million
Unknown
Previous PCI Initiatives:
*
Please Select
None
Previously completed ROC
Previously complete SAQ
Not Sure
Desired PCI Attestation Date
*
ASAP/Within 30 days
Within 90 days
Within 6 months
Within 12 months
TBD/Unknown
Other
Where are you required to demonstrate PCI compliance (Regions where you operate) – please check any of these that apply
*
USA (US)
Canada
Latin America/Caribbean (LAC)
Asia Pacific (APAC)
Central/Eastern European, Middle East, Africa (CEMEA)
TBD/ Not Sure
Do any of the following apply to your Company – please check any of these that apply
*
My Company Stores/Processes/Transmits cardholder account data
My Company could impact the security of other Customers’ account data
My Company owns or manages on-premise systems and servers that touch credit/debit cards
All of my Company’s cardholder data functions are outsourced to a PCI-compliant external provider
My Company has no cardholder data systems/networks managed on premise (PCI environment is fully collocated to a cloud provider)
All cardholder data stored/processed/transmitted on systems managed by my Company is truncated, hashed, or tokenized (no full or unencrypted credit/debit card account number storage or processing)
My Company develops custom software that provides payment functions
My Company issues payment cards or virtual cards
PCI Scope/Environment – please check any of these that apply
*
My Company accepts credit/debit cards in-person
My Company accepts credit/debit cards over the phone
My Company accepts credit/debit cards online
If payment pages are present: payment page(s) redirect or use an iFrame connected to a compliant payment provider
If payment pages are present: payment pages accept credit cards via a form provided by a third party
My Company operates a Call Center/Contact Center that processes credit/debit cards
My Company uses or manages Point-of-Sale/Point-of-Interaction payment devices or systems
Please provide a brief description of your PCI Environment (how does your Company store, process, transmit, or impact the security of cardholder data)
*
Does your organization use an automated GRC platform to track PCI compliance
*
Please Select
Vanta
Drata
Secureframe
Tugboat
Laika
Other GRC
Not sure
If you use a GRC platform to manage your PCI compliance what is your current PCI compliance percentage
*
Please Select
0-25%
26-50%
51-75%
76-100%
Not Sure
Are you a current Johanson Group Client?
*
Yes
No
Do you need a hand with any other Johanson Group services – please check any that apply
Penetration Testing (required for most PCI assessments)
ASV/external vulnerability scanning (required for most PCI assessments)
Policy/documentation development assistance
SOC 1/2/3 Services
ISO/IEC 27001 Certification Services
ISO/IEC 27017/27018 Certification Services
ISO/IEC 42001 Compliance
HIPAA Attestation
CCPA/Privacy
GDPR/Privacy
NIST Assessment
Tax/Audit
Nope, I’m good!
Please verify that you are human
*
Owner ID
Submit
Should be Empty: