Topics tagged requirement-12:-main

Topic	Replies	Views	Activity
[PCI DSS 3.0] 12.1 Establish, publish, maintain, and disseminate a security policy. Maintain an Information Security Policy (Requireme requirement-12:-main	1	3307	October 5, 2015
[PCI DSS 3.0] 12.10.6 Develop a process to modify and evolve the incident response plan according to lessons learn Maintain an Information Security Policy (Requireme requirement-12:-main	0	1856	September 23, 2014
[PCI DSS 3.0] 12.10.5 Include alerts from security monitoring systems, including but not limited to intrusion-dete Maintain an Information Security Policy (Requireme requirement-12:-main	0	1711	September 23, 2014
[PCI DSS 3.0] 12.10.4 Provide appropriate training to staff with security breach response responsibilities. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2289	September 23, 2014
[PCI DSS 3.0] 12.10.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2189	September 23, 2014
[PCI DSS 3.0] 12.10.2 Test the plan at least annually. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2077	September 23, 2014
[PCI DSS 3.0] 12.10.1 Create the incident response plan to be implemented in the event of system breach. Ensure th Maintain an Information Security Policy (Requireme requirement-12:-main	0	5178	September 23, 2014
[PCI DSS 3.0] 12.10 Implement an incident response plan. Be prepared to respond immediately to a system breach. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1329	September 23, 2014
[PCI DSS 3.0] 12.9 Additional requirement for service providers: Service providers acknowledge in writing to custo Maintain an Information Security Policy (Requireme requirement-12:-main	0	3684	September 23, 2014
[PCI DSS 3.0] 12.8.5 Maintain information about which PCI DSS requirements are managed by each service provider, a Maintain an Information Security Policy (Requireme requirement-12:-main	0	3214	September 23, 2014
[PCI DSS 3.0] 12.8.4 Maintain a program to monitor service providers’ PCI DSS compliance status at least annually. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2445	September 23, 2014
[PCI DSS 3.0] 12.8.3 Ensure there is an established process for engaging service providers including proper due di Maintain an Information Security Policy (Requireme requirement-12:-main	0	2270	September 23, 2014
[PCI DSS 3.0] 12.8.2 Maintain a written agreement that includes an acknowledgement that the service providers are Maintain an Information Security Policy (Requireme requirement-12:-main	0	2405	September 23, 2014
[PCI DSS 3.0] 12.8.1 Maintain a list of service providers. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1666	September 23, 2014
[PCI DSS 3.0] 12.8 Maintain and implement policies and procedures to manage service providers with whom cardholder Maintain an Information Security Policy (Requireme requirement-12:-main	0	1386	September 23, 2014
[PCI DSS 3.0] 12.7 Screen potential personnel prior to hire to minimize the risk of attacks from internal sources. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2489	September 23, 2014
[PCI DSS 3.0] 12.6.2 Require personnel to acknowledge at least annually that they have read and understood the sec Maintain an Information Security Policy (Requireme requirement-12:-main	0	1883	September 23, 2014
[PCI DSS 3.0] 12.6.1 Educate personnel upon hire and at least annually. Maintain an Information Security Policy (Requireme requirement-12:-main	0	2798	September 23, 2014
[PCI DSS 3.0] 12.6 Implement a formal security awareness program to make all personnel aware of the importance of Maintain an Information Security Policy (Requireme requirement-12:-main	0	1558	September 23, 2014
[PCI DSS 3.0] 12.5.5 Monitor and control all access to data. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1876	September 23, 2014
[PCI DSS 3.0] 12.5.4 Administer user accounts, including additions, deletions, and modifications. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1654	September 23, 2014
[PCI DSS 3.0] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e Maintain an Information Security Policy (Requireme requirement-12:-main	0	1753	September 23, 2014
[PCI DSS 3.0] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1673	September 23, 2014
[PCI DSS 3.0] 12.5.1 Establish, document, and distribute security policies and procedures. Maintain an Information Security Policy (Requireme requirement-12:-main	0	1521	September 23, 2014
[PCI DSS 3.0] 12.5 Assign to an individual or team the following information security management responsibilities Maintain an Information Security Policy (Requireme requirement-12:-main	0	1541	September 23, 2014
[PCI DSS 3.0] 12.4 Ensure that the security policy and procedures clearly define information security responsibili Maintain an Information Security Policy (Requireme requirement-12:-main	0	1661	September 23, 2014
[PCI DSS 3.0] 12.3.10 For personnel accessing cardholder data via remote-access technologies, prohibit the copying Maintain an Information Security Policy (Requireme requirement-12:-main	0	2166	September 23, 2014
[PCI DSS 3.0] 12.3.9 Activation of remote-access technologies for vendors and business partners only when needed b Maintain an Information Security Policy (Requireme requirement-12:-main	0	2080	September 23, 2014
[PCI DSS 3.0] 12.3.8 Automatic disconnect of sessions for remote-access technologies after a specific period of in Maintain an Information Security Policy (Requireme requirement-12:-main	0	4241	September 23, 2014
[PCI DSS 3.0] 12.3.7 List of company-approved products Maintain an Information Security Policy (Requireme requirement-12:-main	0	2926	September 23, 2014