Requirement 12.8.2

Maintain a written agreement that includes an acknowledgement that the service providers are responsible for the security of cardholder data the service providers possess.