💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures
- ID:
/frameworks/pci-dss-v4.0/12/04/02
Description​
Additional requirement for service providers only.
Include, but are not limited to, the following tasks:
- Daily log reviews.
- Configuration reviews for network security controls.
- Applying configuration standards to new systems.
- Responding to security alerts.
- Change-management processes.
Similar​
- Sections
/frameworks/pci-dss-v3.2.1/12/11/frameworks/pci-dss-v4.0.1/12/04/02
- Internal
- ID:
dec-c-efc6ccd5
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures. | 1 | no data | |||
| 💼 PCI DSS v4.0.1 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 | no data |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 12.11 Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures. | 1 | no data | |||
| 💼 PCI DSS v4.0.1 → 💼 12.4.2 Reviews are performed at least once every three months to confirm that personnel are performing their tasks in accordance with all security policies and operational procedures | 1 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 12.4.2.1 Reviews conducted in accordance with Requirement 12.4.2 are documented. | no data |