Will my previous SAQ answers be retained for the same/similar requirements following the update?

On completion of your business profile, we will determine what answers from your previous assessment can be mapped and applied to the same or similar question in the current version so you do not need to answer those questions again.

There are exceptions to this:

If we detect a change in SAQ type following completion of your business profile
If you previously indicated that you are not compliant with a particular requirement, you will be required to re-assess and provide a response to that question again.
Any of your previous assessment questions that were auto answered by the system, because of how you answered your business profile, will not be retained with the new version. However, on re-completion of your business profile, a new set of auto-answer effects will be applied to your current assessment based on the new rules defined for the current version of your PCI DSS SAQ(s).
If your previous assessment was against PCI DSS v3.2.1, then we will only apply your previous answers where they are applicable to your assessment under the current version. For example, multiple version 3.2.1 requirements were merged into a single requirement in the latest version, so we will only apply your previous answers if all answers to the now merged questions were the same.

Will my previous SAQ answers be retained for the same/similar requirements following the update?

PCI Portal

Keep your business safe.