
PCI Requirement 12.10.1 – Create the Incident Response Plan to Be Implemented in the Event of System Breach
Elements of Your Incident Response Plan To develop a thorough incident response plan, PCI Requirement 12.10.1 lists out the elements that should be included in your plan. At a minimum, your plan should include: Roles, responsibilities, communication, and contact strategies in the event of a compromise including notification of the payment brands Specific incident response procedures Business recovery and continuity procedures Data back-up processes Analysis of legal requirements for…