Craig Armstrong

Partner, Shoosmiths
Craig heads the IT discipline within Shoosmiths’ Commercial team and advises on a wide range of IT and sourcing matters across a wide range of industry sectors with a particular focus on the IT, financial services and retail sectors. Craig's diverse experience includes negotiating IT infrastructure and desktop outsourcings, ERP and CRM system procurements, complex IT-centric and business process outsourcings (both onshore and offshore), negotiating software implementation, licensing and support agreements, advising on intellectual property issues within the technology, healthcare and biotechnology sector and advising on contractual arrangements relating to e-commerce trading platforms and co-branded financial services on behalf of financial institutions and retail partners. Craig also has niche expertise within financial services and regularly advises on merchant acquiring, co- branded and affinity products, customer account value added services and other commercial contracts within the retail financial services sector. Craig is ITIL certified, the leading global best business practice for IT Service Management.
Contributed to

6

Payment Card Industry Data Security Standards (PCI DSS) for commercial lawyers
Practice Note

This Practice Note provides an introduction to the Payment Card Industry Data Security Standards (PCI DSS) for commercial lawyers. It explains the origins of PCI DSS and the Payment Card Industry Security Standards Council (PCI SSC), the entities to which PCI DSS applies, PCI DSS principles and requirements, steps that are required for compliance with PCI DSS, the requirements for ongoing compliance, enforcement, including card scheme fines and interaction with UK privacy and data security laws and standards. Concepts examined include PIN Transaction Security (PTS), Payment Application Data Security Standard (PA-DSS), tokenisation and shared-hosting providers. It also identifies certain key contractual protections that should be sought by merchants from the service providers.

Systems integration agreement—pro-customer
Precedent

This is a precedent systems integration agreement, which is intended for use where a customer engages a supplier to deliver an integrated solution that operates within the customer’s IT environment. It covers the procurement, delivery and installation of hardware and software, the supply of development and integration services, acceptance testing, and also the provision of ancillary services such as maintenance and/or training to customer staff on how to use the solution. The agreement is drafted with a pro-customer bias, particularly in relation to warranties, indemnities, liability and termination.

Systems integration agreement—pro-supplier
Precedent

This is a precedent systems integration agreement, which is intended for use where a supplier is delivering an integrated solution that operates within the customer’s IT environment. It covers the procurement, delivery and installation of hardware and software, the supply of development and integration services, acceptance testing, and also the provision of ancillary services such as maintenance and/or training to customer staff on how to use the solution. The agreement is drafted with a pro-supplier bias.

Other work

Practice areas

Membership

  • Society for Computers and Law

Panel

  • Consulting Editorial Board
  • Contributing Author
  • Q&A Panel

Education

  • University of Wales, Cardiff LLB, Law 1994 1997

If you expected to see yourself on this page, click here.