PCI Requirement 12.3.2 – Authentication for Use of the Technology
PCI v4.0 - 12.3.2: Perform Targeted Risk Analyses for Customized Approach
[PCI DSS Requirement 12] : Summary of Changes from Version 3.2.1 to 4.0 Explained
PCI Requirement 12.3 – Develop Usage Policies for Critical Technologies
PCI Requirement 12.3.10 – Prohibit the Moving of Cardholder Data onto Local Hard Drives
PCI Requirement 12.3.1 – Explicit Approval by Authorized Parties
PCI DSS 3.2: Req. 12.4.1
PCI Requirement 12.2 – Implement a Risk Assessment Process
PCI Requirement 12.8.4 and 12.8.5 – Monitor Service Providers’ PCI DSS Compliance Status
PCI Requirement 3.2 - Do Not Store Sensitive Authentication Data After Authorization
PCI Requirement 12.8.3 – Ensure there is an Established Process for Engaging Service Providers
PCI Requirement 12.5.2 – Monitor and Analyze Security Alerts and Distribute to Appropriate Personnel
PCI Requirement 12.9 – Service Providers are Responsible for the Security of Cardholder Data
PCI Requirement 7 – Restrict Access to Cardholder Data by Business Need to Know
PCI Requirement 12.5.4 – Administer User Accounts, Including Additions, Deletions, and Modifications
PCI Requirement 7.2 – Establish an Access Control System
PCI Requirement 2.5 - Ensure Security Policies Are Known to All Affected Parties
PCI Requirement 7.2.2 – Assignment of Privileges Based on Job Function
PCI Requirement 4.3 – Ensure Security Policies and Procedures are Known to all Affected Parties
Common Causes of System Failure, PCI DSS