For more information visit https://megaplanit.com/caas
This walkthrough guides new CaaS users through the set up process, gives an overview of the Merchant Dashboard functionality, details the SAQ instructions, and provides an overview of how easy and intuitive the CaaS Portal really is to use.
Compliance as a Service (CaaS) PCI DSS Merchant Walkthrough
1. MegaplanIT.com/caas
Compliance
as
a
Service
(CaaS)
PCI
DSS
Merchant
Walkthrough
2. Login
Screen
First
Time
Users:
• Click
“Register/Begin”.
Returning
Users:
• Login
with
your
Username
and
Password.
3. RegistraGon
• Enter
your
Merchant
ID
Number
and
Zip
Code.
• Click
“Register”.
4. Business
InformaGon
Fill
out
your
business
informaGon.
Some
of
the
informaGon
may
already
be
pre-‐filled
for
you.
Click
“Con5nue”.
Required
Fields
Include:
• Business
Name
• Merchant
ID
• Zip
Code
• Email
Address
• Username
• Password
• Re-‐enter
Password
5. Terminal
InformaGon
Answer
the
3
quesGons
about
your
credit
card
machine
or
the
way
you
accept
credit
cards.
Click
“Con5nue”.
6. Pre-‐SAQ
QuesGons
Answer
the
Pre-‐SAQ
QuesGons
and
CaaS
will
place
you
in
the
correct
Self
Assessment
QuesGonnaire
(SAQ).
If
you
know
which
SAQ
you
belong
in,
you
can
select
it
manually
by
clicking
“Manually
Select
SAQ”.
When
finished,
click
“Con5nue”
7. Summary
In
Summary,
the
SAQ
has
been
selected
for
you
from
the
answers
given
in
the
Pre-‐SAQ
QuesGons
step.
If
you
don’t
agree
with
the
bullets
in
the
Summary
about
your
business,
please
click
the
“Back”
buXon
at
the
boXom
of
the
page
to
re-‐answer
the
quesGons
more
accurately.
8. Summary
You
can
Manually
select
the
SAQ
that
fits
your
business
by
clicking
the
check
box
in
the
“Manually
Select
SAQ”
box.
By
pu[ng
your
cursor
over
each
SAQ
Type
you
can
then
read
the
Summary
for
that
SAQ
Type.
To
select,
click
on
the
buXon
for
the
SAQ
Type
you
desire.
(Must
have
the
“Manually
Select
SAQ”
box
checked.)
9. Merchant
Dashboard
Aer
you
have
established
a
username
and
password,
log
in
to
CaaS.
Once
you
are
logged
in,
your
Merchant
Dashboard
will
show
you
the
necessary
steps
in
becoming
Compliant.
Required
Steps:
• Missing
Signature
• SAQ
• Scan
(if
available
on
your
Dashboard.
Required
for
Merchants
processing
via
IP/Internet
instead
of
a
Phone
line.)
11. Verify
Email
Verifying
your
email
is
to
confirm
we
have
a
good
email
address
on
file.
We
use
email
to
conGnue
to
noGfy
merchants
of
compliance
data
or
merchant
status
that
may
change
from
Gme
to
Gme.
If
you
have
not
received
the
email
confirmaGon
email,
please
click
“Send/Re-‐send
Verifica5on
Email”.
13. Missing
Signature
Merchants
must
read
and
agree
to
the
terms
and
condiGons
of
the
portal.
• Click
the
“I
Agree”
check
box.
• Sign
in
the
white
box
with
your
cursor.
• Click
“Save”.
15. Self-‐Assessment
QuesGonnaire
(SAQ)
SAQ
Instruc5ons
ü All
Answers
must
be
answered
with
a
“Yes”
or
“N/A”
response
in
order
to
become
Compliant.
ü Any
Answers
with
a
“No”
response
will
NOT
be
considered
Compliant
and
will
require
remediaGon
so
that
the
response
can
be
changed
to
a
“Yes”
or
“N/A”
response.
ü If
any
quesGons
are
answered
with
an
“N/A”
response,
an
explanaGon
as
to
why
the
quesGon
does
not
apply
to
the
Merchant
will
be
required.
16. Self-‐Assessment
QuesGonnaire
(SAQ)
Complete
each
quesGon
by
clicking
on
the
QuesGon
Title
itself,
then
answering
the
quesGon
with
a
“Yes”,
“No”,
or
“N/A”
response.
To
display
all
quesGons
at
the
same
Gme,
click
“Show
All”
in
the
top
right
hand
corner
of
the
QuesGons
container.
If
you
sGll
have
a
quesGon
aer
reading
the
QuesGon
and
ExplanaGon,
click
the
“Ask
Ques5on”
buXon
in
the
boXom
right
hand
corner
of
the
QuesGon
box.
Once
you
have
finished
the
quesGons,
click
“Con5nue”
at
the
boXom
right
hand
corner
of
the
screen.
You
may
also
choose
to
select
“Finish
Later”
to
save
what
you
have
answered
and
return
to
the
Merchant
Dashboard
to
complete
at
a
later
Gme.
17. Self-‐Assessment
QuesGonnaire
(SAQ)
If
you
receive
this
message
aer
compleGng
the
SAQ:
• Click
“SAQ
Remedia5on”.
• Answer
the
remaining
unanswered
quesGons.
OR
• Any
response
answered
with
“No”
must
be
remediated
so
the
Merchant
can
change
the
answer
to
a
“Yes”
or
“N/A”
response
in
order
to
become
Compliant.
19. Scan
To
Schedule
a
Scan:
• Click
on
“Schedule
Scan”
in
the
Menu
Bar.
To
Review
a
Past
Scan:
• Click
on
the
date
of
the
Scan
you
would
like
to
review.
20. Schedule
Scan
Follow
the
prompt
to
select
your
se[ngs
for
the
scan
and
finish
by
clicking
“Schedule/Run
Scan”.
21. Scan
Details
Review
View
each
vulnerability
by
clicking
on
the
risk
level
(colored
boxes),
then
click
on
the
name
of
each
vulnerability
beneath.
To
download
the
report,
click
on
“Download
Report”
in
the
Gtle
bar.
To
send
a
support
request
or
report
a
false
posiGve,
use
the
Support
Request
secGon
at
the
boXom
of
the
page.
23. Downloads
To
download
a
Compliant
CerGficate,
click
on
the
“Comple5on
Cer5ficate”
icon.
Merchant
must
become
Compliant
before
CaaS
will
allow
download.
25. Merchant
Overview
Merchant
Overview
will
allow
you
to
see
all
of
your
informaGon
as
it
is
stored
in
CaaS.
In
addiGon,
you
can
setup
addiGonal
users,
view
status
of
SAQ
and/or
Scan
(if
applicable),
and
Overall
Status.
27. Manage
Users
To
add
addiGonal
Users:
Click
“Add
New”
next
to
the
Search
buXon.
To
Search
for
a
User:
Enter
the
name
of
the
User
you
would
like
to
search
for
and
click
“Search”.
To
edit
a
User
select
the
icon
in
the
EDIT
secGon.
To
delete
a
User
select
the
icon
in
the
EDIT
secGon.
To
reset
the
password
for
a
User,
select
the
icon
in
the
EDIT
secGon.
28. Merchant
Dashboard
If
you
need
to
change
your
SAQ
Type
as
it
is
no
longer
correct,
click
“Change
SAQ
Type”
and
the
Portal
will
direct
you
back
through
the
Pre-‐SAQ
QuesGons
again.
29. Who
We
Are
Megaplan-‐IT,
LLC
is
a
PCI
SSC
CerGfied
network
security
and
compliance
firm
that
specializes
in
PCI
DSS
Compliance,
PenetraGon
TesGng,
Secure
Web
Development,
Cloud
SoluGons,
HIPAA
Compliance,
and
other
high-‐level
IT
audiGng
and
risk
management
services.
With
over
fieen
years
of
applied
experience
in
the
field
of
network
security
and
compliance,
the
Megaplan-‐IT
team
is
comprised
of
highly-‐skilled
and
well-‐trained
informaGon
security
professionals
who
will
work
collaboraGvely
with
your
company
and
maintain
open
and
direct
communicaGon
throughout
the
project.
Megaplan-‐IT
QSAs
are
trained
in
Version
2.0
of
the
PCI-‐DSS
Requirements.
To
learn
more,
visit
us
today
at
hQps://megaplanit.com
30. Why
Choose
Megaplan-‐IT
Cost
Quality
Megaplan-‐IT
includes
key
services
for
free
with
each
Megaplan-‐IT
provides
the
most
accurate
assessment.
This
approach
provides
our
clients
with
security
risk
assessment
services
at
the
most
huge
savings
and
ensures
that
all
compliance
compeGGve
prices.
We
stand
by
the
quality
of
requirements
are
met.
our
reporGng
from
start
to
finish.
Service
Mission
Megaplan-‐IT's
mission
is
to
build
an
Megaplan-‐IT
clients
never
wait
for
a
skilled
ongoing
relaGonship
with
our
clients
by
consultant
or
QSA
to
be
assigned.
Our
team
successfully
compleGng
a
wide
range
of
is
available
to
assist
you
when
the
need
security
and
compliance
goals
on
a
arises.
100%
SaGsfacGon
Guaranteed.
recurring
annual
basis.
To
speak
with
a
consultant
now,
please
call
800-‐891-‐1634
or
email
sales@megaplanit.com