PCI Compliance Resources

Policy

Policy information pertaining to the Payment Card Industry – Data Security Standard (PCI-DSS), and UBC Merchant requirements, is incorporated in UBC Policy SC14 (PDF) and the Information Security Standards. UBC has targeted policy compliance for the university at the Self Assessment Questionnaire (SAQ) "C" level in order to cover the majority of our merchants who are using SAQ-A through C processes.

All UBC merchants are required to be in compliance with the PCI-DSS and UBC Policies, specifically Policy SC14. Overall responsibility for coordination of PCI compliance rests with UBC Finance, details can be found on their site here: https://finance.ubc.ca/banking-leases/pci-dss-compliance

Guidelines

The following guidelines are presented to assist Merchants with understanding their role in compliance with PCI-DSS.

Resources/Tools

The following resources and tools are provided to assist merchants with achieving and maintaining PCI compliance at UBC. They are provided as an option to reduce the effort required by a merchant to achieve and maintain compliance; however, it is the merchant's choice as to whether or not to use these resources and tools.

Procedural templates

In addition to the policy requirements for PCI-DSS, there are procedural requirements. To assist with this, the university has developed templates for procedures that are needed for SAQ-C compliance. SAQ-A through C merchants should find all of the procedural templates required in this package.

SAQ-D merchants will require additional procedures beyond what is included in this package (ZIP).

Cisco AMP for Endpoints

The university has licensed products from Cisco to protect its digital assets. UBC provides Cisco AMP for Endpoints on PCI Virtual Terminals to protect systems against malware and malicious activities. Details on how AMP meets existing PCI DSS compliance requirements can be found on Cisco's website.

Virtual Firewalls

Network firewalls are required by PCI for segmenting processes; UBC IT provides a virtual firewall service for UBC merchants in conjunction with virtual networks.

Virtual Networks

Virtual networks are required for the virtual firewall service but are also advantageous for routing/grouping similar systems. E.g. placing Point of Sale (POS) terminals from multiple networks into a single virtual network managed by a firewall.

Page last updated on March 4, 2025

UBC Information Technology

6356 Agricultural Rd
Vancouver, BC Canada
V6T 1Z2

Related Sites

Need Help?

UBC Crest The official logo of the University of British Columbia. Urgent Message An exclamation mark in a speech bubble. Bluesky The logo for the Bluesky social media service. Bookmark A bookmark in a book. Browser A web browser window. Caret An arrowhead indicating direction. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Arrow in Circle An arrow indicating direction. Time A clock. Chats Two speech clouds. E-commerce Cart A shopping cart. Facebook The logo for the Facebook social media service. Help A question mark in a circle. Home A house in silhouette. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Menu Three horizontal lines indicating a menu. Minus A minus sign. Pencil A pencil indicating that this is editable. Telephone An antique telephone. Play A media play button. Plus A plus symbol indicating more or the ability to add. Search A magnifying glass. Settings A single gear. Arrow indicating share action A directional arrow. Speech Bubble A speech bubble. Star An outline of a star. Twitter / X The logo for the X (aka, Twitter) social media service. User A silhouette of a person. Vimeo The logo for the Vimeo video sharing service. Youtube The logo for the YouTube video sharing service.