💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.

• Contextual name: 💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.

• ID: /frameworks/pci-dss-v4.0/12/10/01

• Located in: 💼 12.10 Suspected and confirmed security incidents that could impact the CDE are responded to immediately.

Description

The plan includes, but is not limited to:

• Roles, responsibilities, and communication and contact strategies in the event of a suspected or confirmed security incident, including notification of payment brands and acquirers, at a minimum.
• Incident response procedures with specific containment and mitigation activities for different types of incidents.
• Business recovery and continuity procedures.
• Data backup processes.
• Analysis of legal requirements for reporting compromises.
• Coverage and responses of all critical system components.
• Reference or inclusion of incident response procedures from the payment brands.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/12/10/01
  • /frameworks/pci-dss-v4.0.1/12/10/01

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.10.1 Create the incident response plan to be implemented in the event of system breach.
💼 PCI DSS v4.0.1 → 💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 12.10.1 Create the incident response plan to be implemented in the event of system breach.
💼 PCI DSS v4.0.1 → 💼 12.10.1 An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags