|
About the Maintain an Information Security Policy category
|
|
0
|
81
|
January 23, 2023
|
|
[PCI DSS 1.x] 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a for
|
|
4
|
8833
|
February 5, 2014
|
|
[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s
|
|
2
|
6214
|
January 13, 2014
|
|
[PCI DSS 1.x] 12.3.6 Acceptable network locations for the technologies
|
|
2
|
10065
|
November 2, 2011
|
|
[PCI DSS 1.x] 12.10.3 Ensure the entity is PCI DSS compliant
|
|
1
|
4194
|
October 20, 2010
|
|
[PCI DSS 1.x] 12.2 Develop daily operational security procedures that are consistent with requirements in this spe
|
|
5
|
9654
|
July 8, 2010
|
|
[PCI DSS 1.x] 12.1 Establish, publish, maintain, and disseminate a security policy that accomplishes the following
|
|
2
|
5146
|
November 12, 2009
|
|
[PCI DSS 1.x] 12.3.10 When accessing cardholder data remotely via modem, prohibition of storage of cardholder data
|
|
1
|
3889
|
September 30, 2009
|
|
[PCI DSS 1.x] 12.10.4 Connect and disconnect entities by following an established process
|
|
0
|
3034
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.2 Ensure proper due diligence is conducted prior to connecting an entity
|
|
0
|
2847
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.1 Maintain list of connected entities
|
|
0
|
3248
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10 All processors and service providers must maintain and implement policies and procedures to ma
|
|
0
|
2931
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.6 Develop process to modify and evolve the incident response plan according to lessons learned
|
|
0
|
2143
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.5 Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring
|
|
0
|
3289
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.4 Provide appropriate training to staff with security breach response responsibilities
|
|
0
|
2525
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts
|
|
0
|
1631
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.2 Test the plan at least annually
|
|
0
|
1682
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.1 Create the incident response plan to be implemented in the event of system compromise. Ensure
|
|
0
|
4705
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9 Implement an incident response plan. Be prepared to respond immediately to a system breach.
|
|
0
|
2302
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8.1 Service providers must adhere to the PCI DSS requirements
|
|
0
|
3197
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8 If cardholder data is shared with service providers, then contractually the following is requir
|
|
0
|
2232
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.7 Screen potential employees to minimize the risk of attacks from internal sources.
For those em
|
|
0
|
2513
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.2 Require employees to acknowledge in writing that they have read and understood the company's
|
|
0
|
3561
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
1989
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
3010
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2302
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
1987
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e
|
|
0
|
2576
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel
|
|
0
|
1914
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.1 Establish, document, and distribute security policies and procedures
|
|
0
|
2344
|
March 18, 2007
|