PCI Requirement 12.11.1 – Additional Requirement for Service Providers Only: Maintain Documentation of Quarterly Review Process
by Randy Bartels / July 3rd, 2018
Documenting Your Review Process The final requirement in PCI Requirement 12 works in conjunction with PCI Requirement 12.11. PCI Requirement 12.11.1 mandates organizations…
PCI Requirement 12.10.6 – Develop a Process to Modify and Evolve the Incident Response Plan According to Lessons Learned and to Incorporate Industry Developments
by Randy Bartels / July 3rd, 2018
Modifying Your Incident Response Plan Your incident response plan should be able to easily modify so it can be as thorough and up-to-date…
PCI Requirement 12.10.5 – Include Alerts from Security Monitoring Systems, Including but Not Limited to Intrusion-Detection, Intrusion-Prevention, Firewalls, and File-Integrity Monitoring Systems
by Randy Bartels / July 3rd, 2018
Monitoring Mechanisms in Incident Response Plans PCI Requirement 12.10.5 states that your incident response plan should, “Include alerts from security monitoring systems, including…
PCI Requirement 12.10.4 – Provide Appropriate Training to Staff with Security Breach Responsibilities
by Randy Bartels / July 3rd, 2018
Training Your Incident Response Team PCI Requirement 12.10.4 requires that your organization provides appropriate training to staff with security breach response responsibilities. One…