The Vendor shall provide all necessary on-going consultant services to support annual compliance requirements. 4.16. The Vendor shall prepare all necessary documentation required to demonstrate compliance that the State will in turn submit to the acquiring bank and payment card brands or regulatory authority on an annual basis. 4.17. At any time during the terms of this contract, the State may request, and the Vendor shall provide, a Security Assessment for: A. A State agency that is accepting credit card payments for the first time, B. An existing State agency that proposes to modify their current system/application, and/or C. Network or other infrastructure changes that impact the data environment including but not limited to physical location. D. The purpose of the Security Assessment shall be to validate the State, as the merchant, remains fully compliant with PCI security standards...
