[PCI DSS 3.0] 1.5 Ensure that security policies and operational procedures for managing firewalls are documented

1.5 Ensure that security policies and
operational procedures for managing
firewalls are documented, in use, and
known to all affected parties.

1.5 Examine documentation and interview personnel to verify
that security policies and operational procedures for managing
firewalls are:
 Documented,
 In use, and
 Known to all affected parties.

Personnel need to be aware of and following
security policies and operational procedures to
ensure firewalls and routers are continuously
managed to prevent unauthorized access to the
network.