top of page
< Back

12.11 PCI DSS (v3.2.1)

Compliance Standard

Compliance Version

Control ID

PCI DSS

(v3.2.1)

12.11

Requirement 12: Maintain a policy that addresses information security for all personnel

(v3.2.1)

Additional requirement for service providers only: Perform reviews at least quarterly to confirm personnel are following security policies and operational procedures. Reviews must cover the following processes:
• Daily log reviews
• Firewall rule-set reviews
• Applying configuration standards to new systems
• Responding to security alerts
• Change management processes

bottom of page