IBM Support

Is Comergent Multi Channel Selling (MCS) 8.0.1 PCI compliant

Question & Answer


Question

Does Comergent Multi Channel Selling (MCS) 8.0.1 have compliance for various Payment Standards like PCI, PA_DSS?

Cause

You want to perform necessary audits.

Answer

An application can be qualified to be Payment Application - Data Security Standard (PA-DSS) compliant, but not the product (MCS 8.0.1) itself . The whole environment which hosts an application like MCS 8.0.1/ Comergent 8 can be PCI-DSS compliant, but it really is the whole stack (everything from how code is managed, to who can see application inform, to network security) that is qualified.

An environment running MCS 8.0.1 was successfully audited and considered compliant. There should not be any product specific issues around a certification effort, but how to be compliant can not be documented from product side. The basic flow is that customer( who is using the product) need to work with a QA (qualified assessor) to review and/or document how to be compliant and then go through the required audit (some of that is available on-line as a self assessment, but that is dependent on scope and volume handled by the site).

[{"Product":{"code":"SS6PEW","label":"IBM Sterling Order Management"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Documentation","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.0.1","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21963222

Page Feedback