PCI Requirement 12.10.3 – Designate Specific Personnel to Be Available on a 24/7 Basis
by Randy Bartels / July 3rd, 2018
 24/7 Incident Response Team Even if you’re a small organization, PCI Requirement 12.10.3 requires that you designate specific personnel to be available on…
PCI Requirement 12.10.2 – Review and Test the Plan at Least Annually
by Randy Bartels / July 3rd, 2018
 Testing Your Incident Response Plan You must test your incident response plan. What’s the point of the plan if you aren’t sure that…
PCI Requirement 12.10.1 – Create the Incident Response Plan to Be Implemented in the Event of System Breach
by Randy Bartels / July 3rd, 2018
 Elements of Your Incident Response Plan To develop a thorough incident response plan, PCI Requirement 12.10.1 lists out the elements that should be…
PCI Requirement 12.10 – Implement an Incident Response Plan
by Randy Bartels / July 3rd, 2018
 Incident Response Plans PCI Requirement 12.10 requires organizations to implement an incident response plan and be prepared to respond immediately to a system…
PCI Requirement 12.9 – Additional Requirement for Service Providers Only: Service Providers Acknowledge in Writing to Customers That They are Responsible for the Security of Cardholder Data
by Randy Bartels / July 3rd, 2018
 Service Provider Responsibilities If you are a service provider, you must comply with PCI Requirement 12.9, which states, “Service providers acknowledge in writing…