|
About the Maintain an Information Security Policy category
|
|
0
|
11
|
January 23, 2023
|
|
[PCI DSS 1.x] 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a for
|
|
4
|
8768
|
February 5, 2014
|
|
[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s
|
|
2
|
6145
|
January 13, 2014
|
|
[PCI DSS 1.x] 12.3.6 Acceptable network locations for the technologies
|
|
2
|
9998
|
November 2, 2011
|
|
[PCI DSS 1.x] 12.10.3 Ensure the entity is PCI DSS compliant
|
|
1
|
4140
|
October 20, 2010
|
|
[PCI DSS 1.x] 12.2 Develop daily operational security procedures that are consistent with requirements in this spe
|
|
5
|
9601
|
July 8, 2010
|
|
[PCI DSS 1.x] 12.1 Establish, publish, maintain, and disseminate a security policy that accomplishes the following
|
|
2
|
5089
|
November 12, 2009
|
|
[PCI DSS 1.x] 12.3.10 When accessing cardholder data remotely via modem, prohibition of storage of cardholder data
|
|
1
|
3838
|
September 30, 2009
|
|
[PCI DSS 1.x] 12.10.4 Connect and disconnect entities by following an established process
|
|
0
|
2959
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.2 Ensure proper due diligence is conducted prior to connecting an entity
|
|
0
|
2783
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.1 Maintain list of connected entities
|
|
0
|
3190
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10 All processors and service providers must maintain and implement policies and procedures to ma
|
|
0
|
2889
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.6 Develop process to modify and evolve the incident response plan according to lessons learned
|
|
0
|
2079
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.5 Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring
|
|
0
|
3239
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.4 Provide appropriate training to staff with security breach response responsibilities
|
|
0
|
2485
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts
|
|
0
|
1582
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.2 Test the plan at least annually
|
|
0
|
1636
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.1 Create the incident response plan to be implemented in the event of system compromise. Ensure
|
|
0
|
4634
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9 Implement an incident response plan. Be prepared to respond immediately to a system breach.
|
|
0
|
2247
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8.1 Service providers must adhere to the PCI DSS requirements
|
|
0
|
3153
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8 If cardholder data is shared with service providers, then contractually the following is requir
|
|
0
|
2185
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.7 Screen potential employees to minimize the risk of attacks from internal sources.
For those em
|
|
0
|
2445
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.2 Require employees to acknowledge in writing that they have read and understood the company's
|
|
0
|
3518
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
1937
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
2957
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2257
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
1943
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e
|
|
0
|
2524
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel
|
|
0
|
1866
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.1 Establish, document, and distribute security policies and procedures
|
|
0
|
2293
|
March 18, 2007
|