PCI DSS SOW (Proposal) Request Form

  • System Information

  • Business Information

  • Have you identified and documented all locations and flows of cardholder data, as well as identified and documented all systems that are connected to or, if compromised, couldimpact the CDE (for example, authentication servers)?