πΌ 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.
-
Contextual name: πΌ 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.
-
ID:
/frameworks/pci-dss-v3.2.1/12/11 -
Located in: πΌ 12 Maintain a policy that addresses information security for all personnel.
Descriptionβ
Additional requirement for service providers only.
Reviews must cover the following processes:
- Daily log reviews
- Firewall rule-set reviews
- Applying configuration standards to new systems
- Responding to security alerts
- Change management processes
Similarβ
- Sections
/frameworks/pci-dss-v4.0/12/04/02
- Internal
- ID:
dec-c-663edf0d
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ 12.11.1 Maintain documentation of quarterly review process. |