Approved Scanning Vendors Feedback

An ASV is an organization with a set of security services and tools (“ASV scan solution”) to conduct external vulnerability scanning services to validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2. The scanning vendor’s ASV scan solution is tested and approved by PCI SSC before an ASV is added to PCI SSC’s List of Approved Scanning Vendors.

Please use this form to provide feedback about ASVs and their work product. Information collected from the Feedback Form will be held in strict confidence and used for the sole purpose of improving the quality of service provided by these assessors.

ASV Feedback Form

Fields marked * are required.

Form Submitter Name

Form Submitter Email Address

Form Submitter To Name

Form Submitter To Email Address

Please provide the following information about the assessor for whom you are providing feedback.

Name of ASV Employee, if known:

Name of ASV Company *:

Please provide the following information about you and your company. This information is optional.

Name:

Company Name:

Email Address:

Phone Number:

Entity Type:

Please Explain:

Please answer Y/N to each question. For all N responses, please provide an explanation in the box provided.

Question

Response

Comments

1. Did the ASV perform responsibly, diligently, objectively and in the best interest of the customer?

2. Did the ASV respect and safeguard confidential, proprietary, or otherwise sensitive information during the course of professional activities?

3. Did the ASV operate with integrity, honestly and accurately delivering information and guidance and avoiding activities that could constitute a conflict of interest?

4. Additional comments