[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s

12.8.2 Verify that the contract contains provisions for acknowledgement by the third party of their responsibility for securing cardholder data

Vsa aims to secure Visa cardholder data wherever it resides, requiring that members, merchants, and service providers maintain the highest information security standards.I like the post very much as it contain information regarding Data security.

Now, to comply with 12.8.2, assessed entity must be create a table of responsibilities between DSS requirements that are managed by each service provider and which are managed by the entity.

The best example is when using a service provider to house servers and sensitive media.

Best regards, Mark from PCI Initiative.