PCI Requirement 12.5.5 – Monitor and Control All Access to Data
PCI Requirement 12.5.2 – Monitor and Analyze Security Alerts and Distribute to Appropriate Personnel
PCI Requirement 12.3.5 – Acceptable Uses of the Technology
PCI Requirement 12.3.2 – Authentication for Use of the Technology
PCI Requirement 12.3.4 – A Method to Accurately Determine Owner, Contact Information, and Purpose
PCI Requirement 12.4 – Ensure Security Policies & Procedures Define Responsibilities for All
PCI Requirement 6.1 – Establish a Process to Identify Security Vulnerabilities
PCI Requirement 12.3 – Develop Usage Policies for Critical Technologies
PCI Requirement 7.3 – Document Policies & Procedures for Restricting Access to Cardholder Data
PCI Requirement 9.8 – Destroy Media When it is no Longer Needed
PCI Requirement 12.2 – Implement a Risk Assessment Process
PCI Requirement 5.1.2 – Perform Evaluations to Identify & Evaluate Evolving Malware Threats
PCI Requirement 5.3 – Ensure Anti-Virus Mechanisms are Active and Can’t be Altered
PCI Requirement 9.6 – Maintain Control Over the Internal/External Distribution of Any Kind of Media
PCI Requirement 9.4.2 – Visitors are Identified and Given a Badge that Expires
PCI Requirement 12.3.1 – Explicit Approval by Authorized Parties
PCI Requirement 6.5.1 – 6.5.6 Recap
PCI Requirement 2.5 - Ensure Security Policies Are Known to All Affected Parties
PCI Requirement 11.2.3 – Perform Internal and External Scans and Rescans as Needed
PCI Requirement 7.2 – Establish an Access Control System
