11.6 Ensure that security policies and operational procedures for security monitoring and testing are documented, in use, and known to all affected parties

11.6 Examine documentation and interview personnel to verify that security policies and operational procedures for security monitoring and testing are:
• Documented,
• In use, and
• Known to all affected parties.

Personnel need to be aware of and follow the security policies and operational procedures for security monitoring and testing on a continuous basis.