| 💼 12.8.1 A list of all third-party service providers (TPSPs) with which account data is shared or that could affect the security of account data is maintained, including a description for each of the services provided. | | | | | no data |
| 💼 12.8.2 Written agreements with TPSPs are maintained. | | | | | no data |
| 💼 12.8.3 An established process is implemented for engaging TPSPs, including proper due diligence prior to engagement. | | | | | no data |
| 💼 12.8.4 A program is implemented to monitor TPSPs' PCI DSS compliance status at least once every 12 months. | | | | | no data |
| 💼 12.8.5 Information is maintained about which PCI DSS requirements are managed by each TPSP, which are managed by the entity, and any that are shared between the TPSP and the entity. | | | | | no data |