Normal 0 false false false EN-US ZH-CN X-NONE MicrosoftInternetExplorer4
Good Morning, Our organization wants to be PCI Compliant and is working towards that end. Part of the application process is to provide documentation of the software. I know that the Tessitura software has been audited for Payment Application Best Practice (PABP). The security standards met by Tessitura in the PABP audit will meet Security Standards (PCI DSS) compliance. May I know what sort of documentation should we provide? How low should the documentation go? Should we go down to data structures or would a flow chart of the credit card data flow (showing encryption methods) be sufficient? Any help anyone could give would be great, I would especially like to see some examples of documentation that has been submitted
Thank you very much!
Vicky
Hi Vicky,
There is a document we put together specifically for PABP certification. While I don’t know for sure, I suspect this might be all the documentation you need. Here’s the link:
http://www.tessituranetwork.com/~/media/Documentation/Security/Tessitura_Payment_Card_Security_Compliance_Overview.ashx
Kevin Sheehan
Documentation & Learning Resources Specialist
Tessitura Network
1 888 643 5778 ext 329 Office
ksheehan@tessituranetwork.com
Vicky,
What SAQ and version are you using? Is this for an internal audit process?
Naomi
Hello Naomi, I am not sure if this is for an internal or external audit. We may need to be assessed by an independent assessor. I am assuming that we use SAQ version 1.2. Thank you!Vicky
Thank you very much Kevin