Requirement 12: Maintain a policy that addresses information security for employees and contractors
While audits to validate PCI compliance might occur only once a year, maintaining compliance requires regular daily activities to validate compliance controls and ensure the security of cardholder data. The following table lists the specific subrequirements in Requirement 12 that are addressed by LogLogic Compliance Suite - PCI Edition.
| Requirement 12 | Regularly test security systems and processes |
|---|---|
| 12.2 | Maintain a Policy that addresses information security for employees and contractors |
| 12.9.5 | Implement an incident response plan. Be prepared to respond immediately to a system breach: Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring systems. |
Subtopics