With BP Europa SE, Europe’s largest serving station corporation, another major player has been certified against PCI DSS by usd AG.
Parameters and objectives for the project were laid out in January 2016 by all parties involved. Eight countries and the central IT processing credit card data (short: FEP) were on the agenda. Together with the BP Europa team, service provider Diebold Nixdorf (formerly TSG Tankstellen-Support GmbH), and usd’s team of auditors, the certification project was launched.
Besides Poland and Portugal, Germany, Austria, Luxembourg, Switzerland, the Netherlands and Great Britain, which are the six countries connected to the FEP, were certified. Janette Pitzschel, usd Lead Auditor of the BP country audit, says: “The audit plan was definitely ambitious. Developing an audit strategy that would provide us with an efficient and solution-oriented course of action was one of the major challenges during the preparation phase. Working together with this great team, we succeeded.”
Christopher Kristes, Lead Auditor of the central FEP and Head of the usd PCI & Payment Security Department, is satisfied as well: “With BP Europe and Diebold Niexdorf we had strong partners, which makes it possible for even such complex certification projects to run smoothly.”
On 31 July 2016, just under three and a half months after the actual audit was launched, the task was successfully completed.
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated accordingly and now covers the current requirements. The Digital Operational Resilience Act (DORA) came into force on...
