We use IBM for Intrusion Detection, Vulnerability scanning and Penetration Testing.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Davis Kriss P Sent: Tuesday, June 28, 2005 7:22 AM To: IBM-MAIN@BAMA.UA.EDU Subject: CISP VISA compliance Dear Colleagues, I know this is more of a business question, but perhaps some of you have been involved in the technical compliance part of this. There are new credit card compliance rules (firewall placement, etc.) coming into effect for VISA credit card transactions. There seems to be two parts (we are tier 2 based on our transaction loads and VISA's CISP documentation). 1. The periodic scan of our servers/system by a certified "scanner" to make sure our systems are secure. 2. The self-assessment Q and A document we need to fill out periodically. I would be interested if anyone has used a consulting firm for one or both compliance parts. The Q and A part we have reviewed just is not clear enough to us to know what VISA is asking for in certain situations. Getting someone in that has a track record and knowledge of the ins and outs of the CISP specification to help us would be great. Thanks in advance. ------------------------- Kriss Davis, CCP Project Manager Touchnet/eCommerce Illinois State University [EMAIL PROTECTED] 309-438-2802 ------------------------- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
