The Payment Card Industry (PCI) Security Standards Council has released guidance “to help organizations and their business partners reduce this risk by better understanding their respective roles in securing card data,” according to a PCI press release. With more businesses using third-party operations, risk of security incidents increase, the report states, hence the guidance aims to “ensure payment data and systems entrusted to third parties are maintained in a secure and compliant manner.” The “Third-Party Security Assurance Information Supplement” has been informed by more than 160 organizations and includes recommendations to conduct due diligence and risk assessment, expectation-setting, appropriate third-party agreements and an ongoing monitoring process.
Full Story
Comments
If you want to comment on this post, you need to login.