Difference between revisions of "Code Reviews and Compliance"

From OWASP
(New page: == Introduction ==)
 
(Introduction)
Line 1: Line 1:
 
== Introduction ==
 
== Introduction ==
 +
 +
The Payment Card Industry Data Security Standard (referred to as PCI from now on) became a mandatory compliance step for companies processing credit card payments in June 2005.
 +
 +
Performing code reviews on custom code has been a requirement since the first version of the standard. This section will discuss what needs to be done with regards to code reviews to be compliant with the relevant PCI requirements.
 +
 +
== Code Review Requirements ==
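Review bot: the "== Code Review Requirements ==" heading added at the end of this hunk has no body, so the Introduction promises a discussion of what is needed for compliance that the page does not yet contain; add the section text in the same revision or hold the heading back until it is written. The Introduction also points to "the relevant PCI requirements" without naming them. Citing the requirement numbers and the version of the standard under discussion would let readers verify the statement that code review has been required since the first version.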

Revision as of 13:21, 29 June 2008

Introduction

In June 2005, the Payment Card Industry Data Security Standard (referred to as PCI from now on) became a mandatory compliance step for companies processing credit card payments.

Performing code reviews on custom code has been a requirement since the first version of the standard. This section discusses what code reviews must cover to comply with the relevant PCI requirements.

Code Review Requirements