💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures

• Contextual name: 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures

• ID: /frameworks/pci-dss-v4.0/12/04/02

• Located in: 💼 12.4 PCI DSS compliance is managed.

Description

Additional requirement for service providers only.

Include, but are not limited to, the following tasks:

• Daily log reviews.
• Configuration reviews for network security controls.
• Applying configuration standards to new systems.
• Responding to security alerts.
• Change-management processes.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/12/11
  • /frameworks/pci-dss-v4.0.1/12/04/02
• Internal
  • ID: dec-c-efc6ccd5

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.	1
💼 PCI DSS v4.0.1 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures	1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures.	1
💼 PCI DSS v4.0.1 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 12.4.2.1 Reviews conducted in accordance with Requirement 12.4.2 are documented.