Compliance & Regulatory Tools
PCI DSS Scope Calculator
Answer questions about card data storage, transaction processing, and network segmentation to determine PCI DSS scope and applicable SAQ type.
No data is transmitted โ everything runs locallyTool
About this tool
PCI DSS Scope Calculator
The PCI DSS Scope Calculator determines CDE scope and SAQ applicability from cardholder data storage, transaction processing method, and network segmentation status.
โข Determine PCI scope before a QSA engagement
โข Check whether tokenization removes a system from PCI scope
โข Find applicable SAQ type for a card-not-present e-commerce flow
โข Assess scope impact of adding direct card processing to a checkout page
Affiliate disclosure
Credential and secrets management for teams. 1Password provides enterprise password management and secrets infrastructure for development teams.
View payment credentials with 1Password
External site ยท Independent provider ยท We may receive a commission ยท Not a recommendation
FAQ
What does this tool tell you?
The PCI DSS Scope Calculator determines CDE scope and SAQ applicability from cardholder data storage, transaction processing method, and network segmentation status.
What affects the result most?
PCI DSS scope: any system that stores, processes, or transmits cardholder data (CHD). Scope reduction: tokenization removes CHD from scope โ token processor in scope, everything else out. SAQ types: SAQ A (card-not-present, fully outsourced), SAQ D (all others) โ SAQ A simplest.
How should I use the result?
Treat the tool's output as a first-pass check, not a proof of correctness. A clean pass means no issues in the patterns this tool recognizes; a failure points to a specific problem you can investigate in your source. The underlying spec is the authoritative source for edge cases.