PCIDSS.COM - PCI DSS Security Solutions Directory

Category: PCI DSS Requirement 12

Maintain a policy that addresses information security for all personnel.
PCI DSS Requirement 12 binds all the previous requirements together, since it defines the need for a robust and comprehensive information security policy within an entity. The Information Security Policy defines the culture, mindset and tone for the organization and provides a framework for how all employees should approach information security and the handling of sensitive data, especially as it relates to cardholder data. This overarching policy must be communicated to the entire organization so that all personnel clearly understand their responsibilities. Within PCI DSS Requirement 12, the term “personnel” refers to any individual who has access to the entity's cardholder data environment and thus access to sensitive cardholder data.

PCI Solution Provider

ControlCase

ControlCase is a global provider of Compliance as a Service (CaaS), enterprise software and services company. Our offerings enable our…


PCI Solution Provider

MetricStream

MetricStream IT GRC software solution allows organizations to adopt the PCI DSS framework and streamline their key processes for managing…


PCI Solution Provider

Mandiant

Mandiant, a FireEye company, is the leader in helping organizations respond to and proactively protect against advanced cyber security threats.…

