PCI DSS Requirement 1.1.5: Defining Roles and Responsibilities for Managing Network Components

by KirkpatrickPrice / December 22, 2022

What is PCI Requirement 1.1.5? It’s not enough that you have a network set up with established policies, procedures, and processes. You also need to ensure that someone within your organization has the formal responsibility of managing the network. PCI Requirement 1.1.5 states that it's necessary for your organization to have a "description of groups, roles, and responsibilities for management of network components." PCI Requirement 1.1.5 ensures…

PCI DSS Requirement 1.1.4: Establishing a Firewall and DMZ

by KirkpatrickPrice / December 22, 2022

What is PCI Requirement 1.1.4? PCI DSS Requirement 1.1.4 requires “a firewall at each internet connection and between any demilitarized zone (DMZ) and the internal network zone.” PCI DSS v3.2, the current version of the standard, says that the purpose behind PCI Requirement 1.1.4 is, “Using a firewall on every internet connection coming in to (and out of) the network, and between any DMZ and the internal network, allows the…

PCI DSS Requirement 1.1.2 and 1.1.3: Network Documentation

by KirkpatrickPrice / December 19, 2022

What are PCI Requirement 1.1.2 & 1.1.3? PCI DSS Requirements 1.1.2 and 1.1.3 are all about maintaining network documentation. Network documentation consists of two things: a network diagram and a data flow diagram. An updated network diagram is required by PCI Requirement 1.1.2, which states that organizations must have a “current network diagram that identifies all connections between the Cardholder Data Environment (CDE) and other networks, including any wireless networks.”…

PCI DSS Requirement 1.1.1: Implementing a Change Control Program

by KirkpatrickPrice / December 19, 2022

What is PCI Requirement 1.1.1? Your organization needs to ensure that you have the appropriate methods to control any changes into and out of your environment. PCI Requirement 1.1.1 requires, "a formal process for approving and testing all network connections and changes to the firewall and router configurations." The PCI DSS v3.2.1 states that PCI Requirement 1.1.1 exists because, "Without formal approval and testing of changes, records of the changes…

Introduction to PCI DSS Requirement 1

by KirkpatrickPrice / April 12, 2023

This exclusive video series, PCI Demystified, was developed to assist your organization in understanding what the Payment Card Industry Data Security Standard (PCI DSS) is, who it applies to, what the specific requirements are, and what your organization needs to do to become compliant. In this episode, Jeff Wilder walks us through PCI Requirement 1. The Payment Card Industry Data Security Standard (PCI DSS) was jointly developed by the payment card…