Educause Security Discussion mailing list archives

PCI Contract Language

From: "Miller, Brad" <brad.miller () NDUS EDU>
Date: Thu, 26 Jan 2017 16:05:35 +0000

The University of North Dakota is in the process of reviewing their PCI Contract language verbiage (see attached), and 
we would be interested if anyone would be willing to share theirs.

We are particularly interested in language to use for Third-Party Service Providers who don’t process, store, or 
transmit credit cards, but could affect the security of the CDE (hosting web re-directs, providing mx/support of 
computers, etc.)

Thanks in advance,
~Brad
Brad Miller, CISSP, GSEC, C|EH, PCIP
Director, Information Security
NORTH DAKOTA
University System
Core Technology Services
4349 James Ray Drive
Grand Forks, ND 58203
   701.777.3587 (o)
   701.739.1760 (c)
   cts.ndus.edu<http://cts.ndus.edu/>
[ard_isc2_cissp2_3]<https://www.youracclaim.com/badges/19f26106-d584-4d00-a890-e28b3b0a64a3/public_url>[ard_Template_GSEC
 2]<https://www.youracclaim.com/badges/a323ece3-2cea-4be7-ac18-4300f750b22a/public_url>

Attachment: UND PCI Contract Terms and Conditions FINAL.docx
Description: UND PCI Contract Terms and Conditions FINAL.docx

Current thread:

PCI Contract Language Miller, Brad (Jan 26)
- Re: PCI Contract Language Robert Smith (Jan 26)