💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.
-
Contextual name: 💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.
-
ID:
/frameworks/pci-dss-v3.2.1/12/11 -
Located in: 💼 12 Maintain a policy that addresses information security for all personnel.
Description​
Additional requirement for service providers only.
Reviews must cover the following processes:
- Daily log reviews
- Firewall rule-set reviews
- Applying configuration standards to new systems
- Responding to security alerts
- Change management processes
Similar​
- Sections
/frameworks/pci-dss-v4.0/12/04/02
- Internal
- ID:
dec-c-663edf0d
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 12.11.1 Maintain documentation of quarterly review process. |