| 💼 12.3.1 For each PCI DSS requirement that specifies completion of a targeted risk analysis, the analysis is documented. | | | | | no data |
| 💼 12.3.2 A targeted risk analysis is performed for each PCI DSS requirement that the entity meets with the customized approach. | | | | | no data |
| 💼 12.3.3 Cryptographic cipher suites and protocols in use are documented and reviewed at least once every 12 months. | | | | | no data |
| 💼 12.3.4 Hardware and software technologies in use are reviewed at least once every 12 months. | | | | | no data |