IA-1.1.5
The internal controls mentioned in Paragraph IA-1.1.3 must include, but not be limited to, the following:
(a) The development and or acquisition of the technology solutions to conduct the activity;
(b) Testing of the solutions and application program interfaces;
(c) Standards of communication and access and related security controls;
(d) Safe authentication of the users; and
(e) Tools and measures to prevent frauds and errors.
October 2019