VSCC Certification

SBI has formulated a compliance mandate for vendors to ensure that appropriate security best practices and controls are deployed on merchant websites integrated with its payment gateways. Any payment service provider or vendor that wants to integrate the SBI payment service with its business gateway needs to undergo vendor security compliance, fulfilling all the requirements it imposes. The Vendor Site Compliance Certificate (VSCC) can only be issued by a CERT-In empaneled organization. Although it is required only for private merchants, government clients and reputed educational institutes need to produce a self-certified Form C.

The key requirements covered by the Vendor Site Compliance Certificate (VSCC Form C) questionnaire are as follows:

  • SSL Certificate & Encryption

  • Application Security

  • Vulnerability Assessment & Penetration Testing

  • Firewall

  • Data Storage & Localization

  • Audit Trail & Logging

  • PCI DSS (if applicable)

  • Data Sharing & Privacy

The VSCC Form C must be filled in, signed and certified by a CERT-In empaneled auditor; it can then be submitted to SBI as part of the merchant onboarding process.

"As a CERT-IN empanelled body, QRC will help you understand, manage and comply with IRDA’s Cyber Security requirements as published in the IRDA’s Guidelines on Insurance E-Commerce on a periodic basis."

Audit Approach

Business Understanding

Evaluating the business process and environment to understand the in-scope elements as per the VSCC form requirement.

Assessment Scope Finalization

A detailed questionnaire is shared with your teams to aid in the scope definition, planning and preparation of the assessment.

Initial/Readiness Assessment

As per the VSCC requirement, we will conduct an initial assessment measuring the risks to enhance the reliability of processes, critical system platforms, networks and physical components.

Remediation Support

Based on the assessment, QRC will provide remediation support for complying with the Vendor Site Compliance requirements.

Scans And Testing

Identify critical vulnerabilities in your system with a robust testing approach.

Evidence Review

Review of the collected evidence to assess its maturity, in line with the compliance requirements.

Final Audit

After remediation, we conduct a final audit that evaluates all the necessary controls to determine whether the gaps have been successfully closed. On successful closure, we will share the final certificate.

Concise Reporting

Our team prepares a comprehensive report detailing all findings covered during the assessment cycle.
