Secure Development Practices
The Rule requires dealerships to ensure the software they use that involves the transmission processing, and storage of customer data was developed using secure practices.
314.4 (c) (4)
Adopt secure development practices for in-house developed applications utilized by you for transmitting, accessing, or storing customer information and procedures for evaluating, assessing, or testing the security of externally developed applications you utilize to transmit, access, or store customer information;
Mosaic Compliance Services provides Secure Development Practices documentation included in your WISP.