Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VISA Net audit?

From: Austin Winkleman <winkleaf () SLU EDU>
Date: Fri, 3 Jun 2005 14:38:34 -0500
   Here's an article about e-commerce sites having to comply with a
standard from the Payment Card Industry:
http://www.ecommercetimes.com/story/ebiz/42479.html

   From Visa's web site, the compliance depends on "merchant level".
See
http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp_merchants.html?it=l2|/business/accepting_visa/ops_risk_management/cisp_service_providers%2Ehtml|Merchants

   The "12 requirements" standard is available at
http://www.ecommercetimes.com/story/ebiz/42479.html

-Austin W

Doug Sandford wrote:


Our Loans Receivables group called a couple of days ago to alert me
to an audit requirement that has been imposed by Visa(Net), for whom
we are a "merchant."   The process involves a self-assessment,
together with a "Quarterly Network Security Scan" that must be
conducted by a Visa-certified third party.

Have any of you received the same notification? And how did you deal
with what we are told is a June 30 compliance date?

Regards, and thanks in advance.




Doug Sandford
Information Security Officer
University of Alabama
Seebeck Computer Center
doug () ua edu

This email is intended only for the person to whom it is
addressed.  Any review or other use of this information by
persons or entities other than the intended recipient or any
retransmission without the consent of the sender is prohibited.




--
-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -
Austin F Winkleman               Information Security Officer
Information Technology Services  Des Peres Hall 208   (314)977-2552
-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -
Previous By Date Next
Previous By Thread Next

Current thread: