PCI Requirement 11.5.1 – Implement a Process to Respond to Any Alerts Generated by the Change-Detection Solution

PCI Requirement 11.5.1 – Implement a Process to Respond to Any Alerts Generated by the Change-Detection Solution

Responding to Alerts

PCI Requirement 11.5.1 works in tandem with PCI Requirement 11.5. When your change-detection mechanism gives you an alert, you must have a process in place to respond to that. PCI Requirement 11.5.1 states, “Implement a process to respond to any alerts generated by the change-detection solution.”

During the assessment process, your staff will be interviewed to ensure that all alerts are investigated and resolved.

Video Transcript

Keeping in mind that your file monitoring system needs to be run weekly, where your file integrity monitoring system has generated an alert or if there is an event that is created as part of your file integrity monitoring system, it needs to generate some type of log. Your staff would then need to appropriately react to that particular event.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *