| 💼 12.3.1 Each PCI DSS requirement that provides flexibility for how frequently it is performed is supported by a targeted risk analysis that is documented. | | | | | no data |
| 💼 12.3.2 A targeted risk analysis is performed for each PCI DSS requirement that the entity meets with the customized approach. | | | | | no data |
| 💼 12.3.3 Cryptographic cipher suites and protocols in use are documented and reviewed at least once every 12 months. | | | | | no data |
| 💼 12.3.4 Hardware and software technologies in use are reviewed at least once every 12 months. | | | | | no data |