What is the definition of 'Approved Scanning Vendor' in the context of firewall scans for Dq Treat?
Dq_Treat Franchise · 2025 FDDAnswer from 2025 FDD Document
m. through any firewall in use, whether provided by Acumera or otherwise acquired by Participating Location, that has not passed its most recent Approved Scanning Vendor's scan (unless the issue has already been remediated);
Source: Item 17 — The following paragraph is added to the end of Item 17 of the Disclosure Document: (FDD pages 70–378)
What This Means (2025 FDD)
I am unable to provide a definition of 'Approved Scanning Vendor' for Dq Treat, according to the 2025 Franchise Disclosure Document. While the document mentions the term 'Approved Scanning Vendor' in the context of firewall scans and data breach liability, it does not explicitly define what constitutes an 'Approved Scanning Vendor'.
Specifically, the FDD states that Acumera (the firewall provider) is not liable for data breaches if they occur through a firewall that has not passed its most recent Approved Scanning Vendor's scan, unless the issue has already been fixed. This implies that Dq Treat franchisees are required to use a scanning vendor approved by Dq Treat to regularly scan their firewalls.
To fully understand this requirement, prospective Dq Treat franchisees should ask the franchisor for a list of approved scanning vendors, the frequency with which these scans must be performed, and the process for remediating any issues identified during the scans. Understanding these details is crucial for managing cybersecurity risks and ensuring compliance with PCI-DSS standards.