Skip to main content

💼 12.10.1 Create the incident response plan to be implemented in the event of system breach.

ID: /frameworks/pci-dss-v3.2.1/12/10/01

Description

Ensure the plan addresses the following, at a minimum:

Roles, responsibilities, and communication and contact strategies in the event of a compromise including notification of the payment brands, at a minimum
Specific incident response procedures
Business recovery and continuity procedures
Data backup processes
Analysis of legal requirements for reporting compromises
Coverage and responses of all critical system components
Reference or inclusion of incident response procedures from the payment brands.

Similar

Sections
- /frameworks/pci-dss-v4.0/12/10/01
Internal
- ID: dec-c-c6340152

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.					no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.					no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections