💼 12.8.2 Written agreements with TPSPs are maintained.

• Contextual name: 💼 12.8.2 Written agreements with TPSPs are maintained.

• ID: /frameworks/pci-dss-v4.0/12/08/02

• Located in: 💼 12.8 Risk to information assets associated with third-party service provider (TPSP) relationships is managed.

Description

As follows:

• Written agreements are maintained with all TPSPs with which account data is shared or that could affect the security of the CDE.
• Written agreements include acknowledgments from TPSPs that they are responsible for the security of account data the TPSPs possess or otherwise store, process, or transmit on behalf of the entity, or to the extent that they could impact the security of the entity's CDE.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/12/08/02
  • /frameworks/pci-dss-v4.0.1/12/08/02

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.8.2 Maintain a written agreement that includes an acknowledgement that the service providers are responsible for the security of cardholder data the service providers possess or otherwise store, process or transmit on behalf of the customer, or to the extent that they could impact the security of the customer's cardholder data environment.
💼 PCI DSS v4.0.1 → 💼 12.8.2 Written agreements with TPSPs are maintained.

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.8.2 Maintain a written agreement that includes an acknowledgement that the service providers are responsible for the security of cardholder data the service providers possess or otherwise store, process or transmit on behalf of the customer, or to the extent that they could impact the security of the customer's cardholder data environment.
💼 PCI DSS v4.0.1 → 💼 12.8.2 Written agreements with TPSPs are maintained.

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags