This latest achievement qualifies ControlCase to assess vendors’ software lifecycle management practices and Certify payment software products to the PCI Secure Software Standards.
The software security framework program was launched by the PCI Security Standards Council (PCI SSC) as a solution to support the PCI Software Security Framework (SSF), a collection of standards and programs for the secure design, development, and maintenance of payment software.
The PCI Secure Software Standard provides a baseline of requirements with corresponding assessment procedures and guidance for building secure payment software. The set of security requirements and associated test procedures are to ensure payment software adequately protects the integrity and confidentiality of payment transactions and data. This standard replaces PA DSS which is phasing out by June 2021.
The ControlCase methodology for providing the PCI Secure Software assessment is complimented by the company’s partnership approach to assessments – the project begins with a thorough scoping and gap analysis phase followed by remediation support and final assessment phase. The service is also supported by smart technology for security testing and a secure portal for evidence collection.