About the PCI Software Security Framework

The PCI Software Security Framework (SSF) is a collection of standards and programs for the secure design, development, and maintenance of payment software.

The PCI Secure SLC Standard provides a baseline of requirements with corresponding assessment procedures and guidance to help payment software vendors design, develop, and maintain secure payment software throughout the software lifecycle, enabling organizations to build more secure payment software.

The set of security requirements and associated test procedures aims to ensure payment software adequately protects the integrity and confidentiality of payment transactions and data. The PCI Secure Software Standard replaces PA-DSS, which will be retired in October 2022.

The ControlCase methodology for providing the assessments for the PCI Secure SLC Standard and the PCI Secure Software Standard is complemented by the company’s partnership approach to assessments: projects begin with a thorough scoping and gap analysis phase, followed by remediation support and a final assessment phase. The service is also supported by smart technology for security testing and a secure portal for evidence collection.

For more information on ControlCase offerings and services, please contact Kimberly Simon at ksimon@controlcase.com
