|
About the Maintain an Information Security Policy category
|
|
0
|
96
|
January 23, 2023
|
|
[PCI DSS 1.x] 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a for
|
|
4
|
8856
|
February 5, 2014
|
|
[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s
|
|
2
|
6234
|
January 13, 2014
|
|
[PCI DSS 1.x] 12.3.6 Acceptable network locations for the technologies
|
|
2
|
10082
|
November 2, 2011
|
|
[PCI DSS 1.x] 12.10.3 Ensure the entity is PCI DSS compliant
|
|
1
|
4211
|
October 20, 2010
|
|
[PCI DSS 1.x] 12.2 Develop daily operational security procedures that are consistent with requirements in this spe
|
|
5
|
9678
|
July 8, 2010
|
|
[PCI DSS 1.x] 12.1 Establish, publish, maintain, and disseminate a security policy that accomplishes the following
|
|
2
|
5161
|
November 12, 2009
|
|
[PCI DSS 1.x] 12.3.10 When accessing cardholder data remotely via modem, prohibition of storage of cardholder data
|
|
1
|
3912
|
September 30, 2009
|
|
[PCI DSS 1.x] 12.10.4 Connect and disconnect entities by following an established process
|
|
0
|
3052
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.2 Ensure proper due diligence is conducted prior to connecting an entity
|
|
0
|
2867
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.1 Maintain list of connected entities
|
|
0
|
3262
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10 All processors and service providers must maintain and implement policies and procedures to ma
|
|
0
|
2945
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.6 Develop process to modify and evolve the incident response plan according to lessons learned
|
|
0
|
2162
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.5 Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring
|
|
0
|
3303
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.4 Provide appropriate training to staff with security breach response responsibilities
|
|
0
|
2539
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts
|
|
0
|
1647
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.2 Test the plan at least annually
|
|
0
|
1696
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.1 Create the incident response plan to be implemented in the event of system compromise. Ensure
|
|
0
|
4732
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9 Implement an incident response plan. Be prepared to respond immediately to a system breach.
|
|
0
|
2323
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8.1 Service providers must adhere to the PCI DSS requirements
|
|
0
|
3219
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8 If cardholder data is shared with service providers, then contractually the following is requir
|
|
0
|
2246
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.7 Screen potential employees to minimize the risk of attacks from internal sources.
For those em
|
|
0
|
2535
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.2 Require employees to acknowledge in writing that they have read and understood the company's
|
|
0
|
3576
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
2005
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
3029
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2317
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
2003
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e
|
|
0
|
2589
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel
|
|
0
|
1927
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.1 Establish, document, and distribute security policies and procedures
|
|
0
|
2355
|
March 18, 2007
|