Sub-Requirement 7.3 Update: v3.0 11/2013)
7.3 Ensure that security policies and operational procedures for managing vendor defaults and other security parameters are documented, in use, and known to all affected parties. (Maps to prior Requirement 12.2)
Examine documentation interview personnel to verify that security policies and operational procedures for encrypting transmissions of cardholder data are:
- Documented
- In use
- Known to all affected parties
Copyright © Cloud Software Group, Inc. All rights reserved.