| ๐ผ 5.1 Processes and mechanisms for protecting all systems and networks from malicious software are defined and understood. | 2 | | | |
| ย ย ย ย ๐ผ 5.1.1 All security policies and operational procedures identified in Requirement 5 are documented, kept up to date, in use, and known to all affected parties. | | | | |
| ย ย ย ย ๐ผ 5.1.2 Roles and responsibilities for performing activities in Requirement 5 are documented, assigned, and understood. | | | | |
| ๐ผ 5.2 Malicious software (malware) is prevented, or detected and addressed. | 3 | | | |
| ย ย ย ย ๐ผ 5.2.1 An anti-malware solution(s) is deployed on all system components. | | | | |
| ย ย ย ย ๐ผ 5.2.2 The deployed anti-malware solution(s) detects, removes, blocks, or contains all known types of malware. | | | | |
| ย ย ย ย ๐ผ 5.2.3 Any system components that are not at risk for malware are evaluated periodically. | 1 | | | |
| ย ย ย ย ย ย ย ย ๐ผ 5.2.3.1 The frequency of periodic evaluations of system components identified as not at risk for malware is defined in the entity's targeted risk analysis. | | | | |
| ๐ผ 5.3 Anti-malware mechanisms and processes are active, maintained, and monitored. | 5 | | | |
| ย ย ย ย ๐ผ 5.3.1 The anti-malware solution(s) is kept current via automatic updates. | | | | |
| ย ย ย ย ๐ผ 5.3.2 The anti-malware solution performs periodic scans and active or real-time scans or performs continuous behavioral analysis of systems or processes. | 1 | | | |
| ย ย ย ย ย ย ย ย ๐ผ 5.3.2.1 If periodic malware scans are performed to meet Requirement 5.3.2, the frequency of scans is defined in the entity's targeted risk analysis. | | | | |
| ย ย ย ย ๐ผ 5.3.3 For removable electronic media, the anti-malware solution performs automatic scans of when the media is inserted, connected, or logically mounted, or performs continuous behavioral analysis of systems or processes when the media is inserted, connected, or logically mounted. | | | | |
| ย ย ย ย ๐ผ 5.3.4 Audit logs for the anti-malware solution(s) are enabled and retained. | | | | |
| ย ย ย ย ๐ผ 5.3.5 Anti-malware mechanisms cannot be disabled or altered by users, unless specifically documented, and authorized by management on a case-by-case basis for a limited time period. | | | | |
| ๐ผ 5.4 Anti-phishing mechanisms protect users against phishing attacks. | 1 | | | |
| ย ย ย ย ๐ผ 5.4.1 Processes and automated mechanisms are in place to detect and protect personnel against phishing attacks. | | | | |