PCI – If you are a merchant, service provider, or sub-service provider who stores, processes, or transmits cardholder data, you know what a challenge it can be to undergo your annual PCI compliance audit. Don’t let the thought of this 394-control framework slow you down.
Our exclusive PCI video series walks you through each of the 12 PCI DSS Requirements and their sub-requirements, with examples of how to meet each one. Start watching this go-to resource today.
PCI Requirement 12.11.1 – Additional Requirement for Service Providers Only: Maintain Documentation of Quarterly Review Process
In PCI Demystified, Video / by Randy Bartels
The final requirement in PCI Requirement 12 works in conjunction with PCI Requirement 12.11.
PCI Requirement 12.11 – Additional Requirement for Service Providers Only: Perform Reviews at Least Quarterly to Confirm Personnel Are Following Security Policies and Operational Procedures
In PCI Demystified, Video / by Randy Bartels
If you are a service provider, your organization must comply with PCI Requirement 12.11. It requires that you perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.
PCI Requirement 12.10.6 – Develop a Process to Modify and Evolve the Incident Response Plan According to Lessons Learned and to Incorporate Industry Developments
In PCI Demystified, Video / by Randy Bartels
Your incident response plan should be easy to modify so it can be as thorough and up-to-date as possible.
PCI Requirement 12.10.5 – Include Alerts from Security Monitoring Systems, Including but Not Limited to Intrusion-Detection, Intrusion-Prevention, Firewalls, and File-Integrity Monitoring Systems
In PCI Demystified, Video / by Randy Bartels
PCI Requirement 12.10.5 states that your incident response plan should, “Include alerts from security monitoring systems, including but not limited to intrusion-detection, intrusion-prevention, firewalls, and file-integrity monitoring systems.”
PCI Requirement 12.10.4 – Provide Appropriate Training to Staff with Security Breach Responsibilities
In PCI Demystified, Video / by Randy Bartels
PCI Requirement 12.10.4 requires that your organization provide appropriate training to staff with security breach response responsibilities.