PCI DSS DESV | Designated Entities Supplementary Validation

By: SISA Information Security Inc.  05/19/2016
Keywords: Designated Entities Supplementary Validation, PCI DSS compliance program, PCI DSS DESV

PCI DSS Designated Entities Supplementary Validation is intended to provide greater assurance for PCI DSS Compliance and to ensure controls are maintained effectively and validation is done as business-as-usual (BAU) processes. While PCI DSS is focused on cybersecurity, the DESV addresses risk management, governance, controls, and process maturity to a greater extent.

Designated Entities include entities that may be at greater risk for compromise including those that store, process, and/or transmit large amounts of card data, provide aggregation points for cardholder data, or that have suffered significant or repeated breaches of cardholder data. A Designated Entity is determined by an Acquirer or Payment Brand as an organization that requires additional validation to existing PCI DSS requirements.

The DESV has to be done in conjunction with PCI DSS and contains additional security control requirements that are organized into 5 control areas:

- Implement a PCI DSS compliance program
- Document and validate PCI DSS scope
- Validate that PCI DSS is incorporated into business-as-usual activities
- Control and manage logical access to the cardholder data environment
- Identify and respond to suspicious events

Even if your organization is not a Designated Entity, DESV can be used to complement any entity’s PCI DSS compliance efforts, and all entities are encouraged to follow DESV as a best practice.

Other products and services from SISA Information Security Inc.

05/19/2016

PCI DSS training

SISA's 2-day Payment Security Training is primarily aimed at enabling you to understand and implement PCI Standards successfully in your organization. You will gain a clear conception of the various requirements of the PCI DSS, and discover the intent behind each of its requirements. This PCI DSS Training will be the first to feature PCI DSS v3.2 updates and will prepare delegates from merchants, banks, service providers and card schemes for upcoming remediation and certification projects.


05/19/2016

Vulnerability Assessment

SISA’s vulnerability assessment solution offers fast, non-intrusive and comprehensive ASV scans.


05/19/2016

EI3PA Compliance

SISA can help in meeting EI3PA standard requirements in a time-defined manner without compromising on security.


05/19/2016

Facilitated SAQ | PCI SAQ Compliance

We help you optimize your scope, implement controls to pass each required control and document the required evidence in the correct format.


05/19/2016

PCI PIN Security

Secure PIN, the most coveted data, with SISA Information Security.


05/19/2016

PA DSS Compliance

We are the best-in-class PA DSS Compliance service providers across the globe.


05/19/2016

PCI DSS Compliance

We are the best PCI DSS Compliance service providers across the globe.


05/19/2016

SISA Card Discovery Tool

Discover sensitive credit card information with SISA Data Discovery Tool.


05/19/2016

SISA Assistant

Security Managers report up to 80% time and effort saved with SISA Assistant.