The Regents of the University of California

Buyer seeks qualified suppliers to provide PCI Compliance Services across the University of California system. Services include compliance advisory, QSA support, annual certification, portal access, scanning services, and training. The agreement will be for an initial 3-year term with seven optional 1-year extensions. The services will support all ten UC campuses, six health centers, and related UC organizations.

• 4/4/2025 - Pre-Bid Conference
• 4/7/2025 - Price File Template Feedback
• 4/16/2025 - Supplier Question Period End
• 4/18/2025 - UC Question Responses
• 4/25/2025 - Proposal Due Date
• 5/12/2025 - Supplier Presentations

• Provide compliance advisory services for PCI DSS requirements
• Offer Qualified Security Assessor (QSA) support
• Support annual PCI certification and audits
• Provide PCI portal for compliance tracking and documentation
• Deliver Approved Scanning Vendor (ASV) services
• Conduct training and awareness programs for technical staff
• Evaluate existing security measures and identify improvements
• Ensure continuous PCI DSS compliance
• Manage remediation processes and reporting
• Support systems assessment for PCI DSS compliance