💼 12.10 Suspected and confirmed security incidents that could impact the CDE are responded to immediately.

• Contextual name: 💼 12.10 Suspected and confirmed security incidents that could impact the CDE are responded to immediately.

• ID: /frameworks/pci-dss-v4.0/12/10

• Located in: 💼 12 Support Information Security with Organizational Policies and Programs

Description

Empty...

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.
💼 12.10.2 At least once every 12 months, the security incident response plan is reviewed and the content is updated as needed, and tested.
💼 12.10.3 Specific personnel are designated to be available on a 24/7 basis to respond to suspected or confirmed security incidents.
💼 12.10.4 Personnel responsible for responding to suspected and confirmed security incidents are appropriately and periodically trained on their incident response responsibilities.	1
💼 12.10.4.1 The frequency of periodic training for incident response personnel is defined in the entity's targeted risk analysis.
💼 12.10.5 The security incident response plan includes monitoring and responding to alerts from security monitoring systems.
💼 12.10.6 The security incident response plan is modified and evolved according to lessons learned and to incorporate industry developments.
💼 12.10.7 Incident response procedures are in place, to be initiated upon the detection of stored PAN anywhere it is not expected.