PCI Requirement 10.6.3 – Follow Up Exceptions and Anomalies Identified During the Review Process
Follow Up Once an organization has completed log review, they must follow up exceptions and anomalies identified during the review process. The purpose of PCI Requirement 10.6.3 is a little obvious, right? If exceptions and anomalies are not investigated, then what’s the point of the log review process? The follow up process helps make organizations aware of unauthorized activities occurring in their network. During an assessment, policies and procedures…